28% of data breaches occur because of human error.1
People often make careless mistakes and misjudge the importance of the information that they handle. This is because people are unable to identify what constitutes a confidential document in their workplace. Ask yourself the following questions to determine if a document is confidential:
Does it contain any personally identifiable information?
This includes any information that may allow a fraudster to identify an individual, such as:
- Phone number
- Email address
- Account numbers
- Social security numbers
- Employee work records
- Customer and supplier information
Does it share any confidential corporate information?
This type of information contains anything that you wouldn’t want getting in the hands of an outsider. It can be anything from sales and marketing strategies, financial statements, intellectual property, and tax information. Anything that would give away your competitive position can put you at risk.
Does it contain information protected by privacy laws? Does it violate any privacy laws?
Businesses have a legal obligation to protect the information of individuals. Privacy law governs how information is managed within the workplace.
Privacy legislation currently relevant in North America includes:
Does the document list any financial information?
Many financial documents detail information such as transaction history, credit applications, returned cheques, investment information and stock data - all information a fraudster can use to do some serious damage.
Is it one of these documents?
There are several documents that people are unaware of just how confidential they should remain. They are often overlooked and end up not being securely disposed of. These include:
Boarding passes – barcodes contain flight and frequent flier information
Shipping labels – detail names and addresses
Junk mail – personal information is included in correspondence
Post-it notes – often used to record passwords and other important bits of information
Paystubs – can include insurance providers as well as banking information
If you answered YES to any of the above, then you are handling a confidential document. This document must therefore be kept secure and/or securely disposed of avoid the negative repercussions associated with a data breach.
Adopt a Shred-it All Policy.
We recommend that you implement a Shred-it All Policy to take the guesswork out of determining what is confidential. This way, you will be able to keep ALL your information secure.
 2017 Cost of a Data Breach Study, Ponemon Institute