Respecting Other Peoples' Information
PII. Personally identifiable information. All the tidbits about a person that they hope no one is keeping track of…but someone always does. Are you collecting sensitive information about the people with whom you interact? Whether you operate a nonprofit or a small business, you have more access to PII than you may recognize. Make sure you handle personal information in a way that is not only legal, but shows people the respect you show them in your daily interactions.
Figure out whether the information you collect is legally protected.
This can be difficult to pinpoint due to different requirements at state and federal levels as well as industry-specific requirements. You may even want to talk to a lawyer when it comes to the details. Generally, however, use special care with any information that can be used to directly or indirectly identify a person. Yes, that means a social security number. But it also can mean a home address without a city--or even that birthdate you jotted down in hopes of sending a friendly birthday card.
Collect and keep only the information you need.
We are talking about being responsible with other people’s information. What information is the most secure? That which is never collected. Consider carefully whether the personal information you collect is really necessary. (Think of the birthday card.) Remember, no breach can leak information you do not have on hand.
The next most secure data is that which was handled properly and deleted promptly. Limiting access to information does not show distrust to your coworkers as much as it shows respect to the people whose information you hold. If you have not done business with someone in quite awhile, it may be time to pare down the information you have on file. Make sure you dispose of the information in a way that keeps it from being pieced together afterward.
Guard the information you have.
This means limiting access within your organization to people who are trustworthy and have legitimate need for the information. Here are some tips on how to safeguard the information you collect:
Restrict access to hard copies of PII:
- Make minimal copies and shred them when they become unnecessary.
- Secure paper records not in active use under lock and key.
Restrict access to electronic copies of PII:
- Close windows when not in use.
- Save files in password protected or otherwise restricted-access formats.
- Implement access controls on files containing PII on shared network drives.
If you must transmit PII, use special care:
- Make sure the recipient understands the protected nature of the information.
- If transmitting via email, use an email encryption service.
- If transmitting via a mobile device such as a CD or USB, encrypt those files too.
Identity thieves and hackers are real threats to our information and the information of those with whom we interact. Whether we run a non-profit or a small business, how we handle the information we collect matters. Let’s do our part to handle other peoples’ information carefully to not only meet our legal obligations, but to take care of our neighbors as well.
Can Frontline help?
We at Frontline Technology will gladly help secure your network, set up appropriate permissions on your shared sites, and provide email encryption services.
ABOUT FRONTLINE TECHNOLOGY LLC
Frontline Technology is a Managed Service Provider for nonprofits and small businesses. Founded by pastors and ministry leaders with the principle to see lives changed, Frontline’s core values of Engage, Equip, and Serve translate into valuing client relationships over adding a number to the portfolio.
Frontline understands that technology is often thought to be complicated and expensive. Thankfully, it doesn’t have to be that way. Gain peace of mind by working with a like-minded company that understands your challenges and allows you to focus on your vision.
For non-profit organizations and businesses of every type and size: We Keep IT Simple
Frontline Technology is one of the only ministry-focused IT companies that is led by pastors and ministry leaders.