When I walked into the lab to get blood drawn in preparation for a routine physical, I noticed the third line on the obligatory paperwork I had to complete: “Social Security Number.”
I looked around the office and noticed paperwork in an open sorter hanging on the wall. That was all it took. I wrote “N/A” on the line. The person behind the counter did not ask why. That told me the lab did not need the number.
The most recent report from the privacyrights.org database shows: “Centene, a St. Louis-based payer, is searching for six missing hard drives that contain protected health information of approximately 950,000 individuals. The six hard drives contain information of individuals who received laboratory services from 2009 to 2015, including names, addresses, birth dates, Social Security numbers, member ID numbers and health information.”
The lab I visited is not Centene, but I share that story and mine to drive home a point for businesses: Losing data can happen to anyone.
I’ll go one step further and turn that “can” into “will.”
If I had written my Social Security number on that paper, it would have been keyed into a computer by someone. And what would happen to the paperwork after the data was entered? One hopes that it would be destroyed, but what if it ended up in that steel sorter on the wall?
Perhaps you’re thinking I’m paranoid. But consider this: According privacyrights.org, data thieves have used virus-laden emails, broken into buildings, impersonated executives, delivered malware through websites and taken advantage of unlocked computers, all to steal personal information, just since the beginning of this year.
In this technology-rich, data-driven world, we are walking targets for data thieves.
So I ask you: How is your business working to protect employees and customers?
The Better Business Bureau believes safeguarding privacy is a must for a truly trustworthy business.
Collect only personally identifiable information that you must have. Reduce the touch points. Can the information be keyed directly into a computer without leaving a paper trail? Do it. If there is paper involved, shred it fast and securely.
Do you use just one computer to house your customer data, employee data (including payroll), bank data and email, and to surf the web? Don’t. Dedicate one computer to sensitive data work.
Get outside help to make sure your network and digital equipment are secure.
Create rules that prevent sensitive data from ever being stored on portable drives. Laptops are a favorite target for data thieves.
Ultimately, the reputation of your business depends on how seriously you take the real threat of data theft.
Dale Dixon is chief innovation officer of the Better Business Bureau Northwest. 342-4649, firstname.lastname@example.org. This column appears in the February 15-March 14, 2017, edition of the Idaho Statesman’s Business Insider magazine as part of a special section on technology. Click here for the Statesman’s e-edition, which includes Business Insider (subscription required).