USCC Home
 
U.S. Chamber of Commerce Join Today
U.S. Chamber of Commerce
USCC Home Small Business Center Issues and Advocacy Media Center Chambers Associations Members

nav
PUBLICATIONS
E-mail Newsletter
ePrints
Publications Bookstore
Reports & Studies
uschamber.com Magazine
Archives / Reprints
Current Issue
Econ 101
Face Off
SB Matters
Success Insight
Tech Tools
Join
navbottom

Related
About the U.S. Chamber of Commerce
Careers
Events Calendar
FAQs
Programs
related_Bottom

Related
 
 
 
 
related_Bottom

 
Publications > uschamber.com Magazine > 2005 Archives > July 2005

Tech Tools: Protect Customer Information: Data Security Should Be Standard

By Ricardo Harvin

On June 1, the Federal Trade Commission (FTC) issued a new rule under the existing Fair and Accurate Credit Transactions Act of 2003 (FACTA) that requires businesses--small and large--and individuals to dispose of sensitive information derived from consumer reports. Under the new FACTA Disposal Rule, if you use consumer reports--including customer credit reports, employee background checks, or tenant histories--you are now obligated to dispose of this information using methods that are deemed “reasonable and appropriate.”

This new rule is intended to help protect consumer data and prevent identity theft, and it applies to the disposal of both paper and electronic information. However, the rule neither contains provisions for how consumer report information should be stored nor places restrictions on how long it should be kept.

Even if you don’t use consumer report information and your records aren’t specifically covered under the rule, now is a good time to review how you handle all the customer--and employee--data you gather.

Practices to Follow

Make sure you limit access to information only to those people in your company who need it and only for the period of time required. Nonemployees should never have unsupervised access to your customer or employee records.

Despite the real threat of theft by outsiders, in most cases when company information is stolen, it involves either someone working for the victimized company or a nonemployee who has access to areas where that data is stored.

If you store your information electronically, at a minimum, you should use strong passwords to lock your files. Your passwords should include both numbers and letters--but not words that can be found in a dictionary. For maximum security, you should also use a strong encryption program to turn the information in your files into code that can’t be deciphered without the correct key.

While the new FTC rule tells you how to dispose of consumer report information, protecting your company’s data each step of the way should be an everyday part of how you do business. 

And if you don’t think that protecting consumer information needs to be a standard part of doing business, just think of all the places that have your credit card and other financial data--don’t you want them to handle your information with the same amount of care?

For additional coverage on technology issues, go to www.uschamber.com/goto/techtools.
 
 
 
E-Sources

 This article is also available as an RSS Feed.
 
 
Join | Login | Search | Sitemap | Contact Us | Terms & Conditions | Privacy Policy
 
Copyright © 2008 U.S. Chamber of Commerce 1615 H St NW Washington DC 20062-2000 All Rights Reserved
Advancing human progress through an economic, political and social system based on individual freedom, incentive, initiative, opportunity, and responsibility.