Don’t Risk Your Business by Risking Client Privacy
- By Julie Stewart
- October 18, 2016
In today’s DOL Rule environment, many advisors have a heightened awareness for the importance of security and organization. Misplaced client information could wreak havoc on someone’s financial well-being, not to mention your business.
In today’s world, we communicate several ways – verbal, text, email, paper and pen and how often do you wonder, ‘where did I put that piece of paper?’ or ‘Why can’t I find the email when I know I saw it!’.
How many times have you had to go back to a client to get information a second time?
None of us want to appear unprofessional and these seemingly small mishaps can be avoided by implementing and following best practices to secure information.
Agents and agencies are responsible for protecting their client’s sensitive information. The Gramm Leach Bliley Act is in place to protect consumer’s nonpublic personal information — even information you may not think is sensitive is included and important to protect.
The magnitude of confidential data maintained in computers and [online?] today faces substantial and very real security risks.
It is our responsibility to act in a judicious manner and protect this sensitive information from potential theft.
What is nonpublic personal information?##
NPI is any personally identifiable financial information “that a financial institution collects about an individual in connection with providing a financial product or service, unless that information is otherwise “publicly available.”
According to FTC.gov:
Once you obtain an application, ask yourself: “what steps are in place to secure the document and your clients information” Are you making copies? Do you keep them under lock and key? Are you uploading them to your CRM or AMS? Is your network secure? It is up to you to ensure the application and all information disclosed is properly handled and secured to prevent loss of data or a data breach.
5 Measures to Protect Client Info##
### 1) Shred it### When converting paper files to digital or when purging client files always use a cross-cut shredder. Identity thieves are known for dumpster diving.
Once this information is stolen, it is sold hundreds of times and can have a lasting impact to your client – where they are targeted multiple times over many years.
2) Use Secure Email or Password Encrypted### programs to communicate sensitive information
Never text sensitive client information.
If you are using your phone or ipad to take copies of statements, be sure to delete and never transmit via unsecure email or text.
3) Lock it up###
Paper files should be under lock and key.
Your computer should also be password protected and lock after 1 minute of inactivity.
4) Electronic updates and disposal###
Be sure to properly dispose of old equipment like thumb drives, hard drives, old computers, tablets and phones.
5) Secure your network###
Set up a firewall, VLANS and private networks to ensure you are not a target for unrestricted access to data.
For more information on how you can protect your firm by implementing smart systems and processes, contact us.