March 27, 2009
Normally we hear about the massive data breaches that happen due to some loss of electronic data - whether it's a lost data storage device or laptop or from hacking. However, we can't forget that paper too is at risk for breaching data. This week there were 4 reports of data breaches the result of incidents with paper.
I think we can learn some important things from these breaches of trust and data. Most indicate a lack of awareness about the data and how it should be treated for storage and disposal. Policies to restrict how data moves about - whether paper or electronic - should be considered. The data retention policy should define how information is disposed of, which can include policies on shredding or purging electronic devices. In terms of data storage for physical papers, standard consumer storage facilities may not have enough security; try looking for companies that specialize in business data storage.
As we shared in a report earlier this month, data breaches at small companies often go unreported. There's a great deal of education that needs to be done to small business owners - including those practicing in the medical fields - about how to securely handle confidential data in all stages of its life cycle.
Share this article