Information Security Guidelines
Here are some basic steps you can take to help maintain the security and integrity of protected consumer information:
You can also take several relatively simple steps to protect information from misappropriation or deletion:
Network & Information System Integrity
You must also assess and minimize the risks of customer information compromise with respect to information technology systems, including, but not limited to, paper files, your computers and servers, internet access, and back-up files. Obviously, each organization handles customer information differently. Therefore, in this area of the Safeguard Program, you should critically review how your organization collects, accesses, processes, stores, distributes, backs-up, transmits, and destroys the protected information, and customize your Program accordingly.
At a minimum each organization should take the following steps:
1. Store records in a secure area:
2. Provide for secure data transmission when collecting or transmitting customer or other protected information:
3. Dispose of customer information in a secure manner:
4. Use adequate oversight and audit procedures to detect the misappropriation or loss of protected information. Each customer list or file should contain a code or identifier so that contacts, access, or changes can be monitored and controlled.
5. Maintain a close physical inventory of all computer hardware.