Security and data breaches are ever present to companies no matter what the size. A few questions to ask yourself about your business and it's sensitive information.
- What sensitive data does your business manage and where due you keep/store these records?
- Is it easy for these records to be duplicated?
- Are your records encrypted?
- What is your privacy policy on sensitive data/records?
- Is the privacy policy clearly communicated to employees and reviewed on a regular basis?
- A's hire A+. If an employee is to has access to sensitive information, what is to prevent them from sharing it?
- What type of IT services do you need to protect your records?
- Are passwords and software updated regularly on all computers?
- When an employee leaves what procedures are in place to retrieve records, shut down access to computers and networks?
- Shred it don't leave it laying around, what policies has your company put in place to regarding data destruction?
