More than getting stolen online, hard copies of precious personal or financial data are easy to copy and make use of. Singapore’s privacy watchdog has recently published new advisory guidelines for the organizations there to protect confidential paper documents.
An online news website in July reported that it found an entire trash bag with unshredded, confidential bank documents under a tree along the street at Boat Quay. Those documents, reportedly left by the UNITED Overseas Bank (UOB) included corporate bank statements to applications for loans with client details as well as a personal phone bill.
The Monetary Authority of Singapore (MAS) and The Personal Data Protection Commission (PDPC) were investigating UOB based on this report. PDPC provides certain guidelines that can educate organizations on the best practices in protecting client data.
- The paper documents with personal data should be shredded. The paper should be sliced in at least two different directions, making it harder to reassemble.
- Personal data stored on electronic media such as computer hard disks, USB drives or DVDs must be wiped clean using specialized software to avoid accidental data leak.
- “Dumpster diving” or theft from dust bins is also common. Documents being sent for destruction should not be kept in unsecured boxes or containers.
The commission also launched a scheme to help small and medium-sized enterprises (SMEs) defray up to 70 per cent of the costs of data protection initiatives such as consultancy, training and software deployment. Also under the Personal Data Protection Act (PDPA) that came to effect in July 2014, organizations that fail to protect consumers’ personal data can be fined up to $1 million per breach.
Go Digital! Technology Helps
By converting documents and other papers into digital form, organizations can avoid discarding documents in trash bins, or other publicly accessible locations. With document digitization, they can also benefit from easy storage, easy file access from anywhere as well as improved customer service. A professional document scanning company can help businesses create a paperless environment and thus improve efficiency.
However, before outsourcing the tasks as well as client files to the company, it is important to check the safety measures these companies have to safeguard your client data. Reliable companies have extensive data security protocols that include safety measures such as-
- Password authentication for document imaging and scanning systems
- Activity log that keeps track of who uses the system and the documents they scan and where it goes
- Encryption of scanned documents before they are emailed or sent over public networks
- Sending encrypted documents and a password or decryption key to the recipient separately to unlock the file
- Employees handling the documents are formally trained to follow HIPAA and other privacy regulations and procedures
- Monthly back-ups of computer systems stored on password protected lockers
Make sure to benefit from the free trial the company may offer before signing up for the project, so that you can check the work quality, turnaround time as well as safety measures they implement to safeguard the confidentiality of your customer information.