How might organizations better protect Personal Identifiable Information (PII)?

Identity theft is not a new problem, but it is certainly a fast growing problem. From a consumer perspective as well as a business perspective, data security is critical. Businesses need to make sure they are doing their due diligence. That means protecting their customers to the best of their ability. Shredding is a very effective and smart step in the document destruction process. But does it protect the PII data to the extent necessary?  

Sometimes, more than shredding is required to maintain the security of the information contained within the document, but for the non-essential documentation, shredding is a relatively low cost and effective way to maintain a high degree of security for your hard copy records. Sometimes it’s a matter of protecting certain documents more than others. But the bottom line is to educate your team on what needs to stay under wraps, and what’s ok to let be thrown in with the recycling.  

Understanding PII 

Your personal information is what identity thieves are really after. PII or Personally Identifiable Information can include birth dates, Social Security numbers, names, addresses (past and present), phone numbers (past and present), email addresses, even names. Make sure that anything that has those numbers goes through the shredder. This can include anything from mail you receive from the Internal Revenue Service, mail from your state vehicle registration agency, and employment-related mail containing personal information. Travel-related documents contain PII. Similarly, vulnerable travel data may include names, itineraries, and other data that identity thieves might find useful. The bottom line is that it should all go in the shredder. And that is true for both individuals employed by the company or your clients.  

Protect Account Information 

The rise of massive scale hacks has taken over the news. Even companies like Sony and Target have not been able to prevent massive hacks from taking place. Account information of any kind is better off shredded. Account numbers, user names and passwords are key pieces of information that identity thieves try to capture. You should shred any mail printed with this information. That includes credit card statements, personal property and real property tax statements or bills. This means you should also shred mail that contains information about utility accounts, cell phone, and internet bills, as well as similar bills you might receive concerning properties you own, such as rentals or vacation property, or even business leases. It can all be used to access larger and more critical databases and networks that can quickly result in massive data breaches.  

Don’t Trash Documents Containing Financial Information 

This could be financial information that belongs to your business or to your clients. Because, anything that comes from a financial institution is at risk. While it is true that many businesses need to retain certain copies of bank and credit documentation for record-keeping purposes, you really only need to hang on to that information for three years. Anything older than that should be shredded. That includes shredding canceled checks, voided checks, any online purchase orders that contain bank accounts or billing information. 

For additional advice on how to improve your data security, connect with the team at Happy Faces Records Management today. 

Leave a Reply

  • (will not be published)