Keeping your customers' personal information safe from unauthorised use, loss or disclosure (known as a data breach incident) is vitally important.
Not only can a data breach incident negatively impact your business' reputation, but there may be legal consequences, too.
What is personal information?
The information you collect about your customers may include their names, addresses, phone numbers, bank details and credit card numbers. These are all types of personal information.
Why is this important?
The ultimate goal of avoiding breaches of confidentiality is protecting customer privacy. This means practising good hygiene when handling customer data: collecting only the information you need and nothing surplus, handling it respectfully, and not holding onto it once it is no longer required – in other words, setting a limit on how long data is retained before it is archived and then securely destroyed.
A data breach incident can occur in a number of ways:
- Physical access – inadvertently leaving customer information where it can be accessed by someone who shouldn’t have it, such as leaving paperwork in a café.
- Throwing out a hard drive without securely destroying it.
- Digital access – such as keeping all customer data unencrypted on a digital drive that is accessed remotely by a malicious hacker.
- Accidentally sending one customer information about another customer because an email address was entered incorrectly.
How can I keep my customers' personal information secure?
You have to know what your most valuable information is and where it is held if you are to prioritise its protection.
Once you understand what your business’ most critical information is, it’s useful to understand the three different states your information can be in (stored, in use and being shared) so you can assess the risk inherent in each state, depending on your business’ practices.
Put simply, you need to think about how your information is protected when you are storing it, how it’s protected when you are using it, how it’s protected when you are sharing it, and also how it’s disposed of securely when you no longer need it.
Defences to consider include encryption, which uses mathematical algorithms and keys to protect information from disclosure, both in transit and while it is at rest on your systems.
Identity and access controls rely on verifying that the person accessing the information is who they say they are and that they are authorised to do so. There are a number of different mechanisms for this, often called authentication factors, which can be combined to validate a user’s identity. Examples are something a person is (biometrics), something they know (such as a password), something they have (such as a token) and, increasingly, somewhere they are (so if a user is trying to connect to your system from somewhere completely different from where they normally log in, an alert can be triggered).
Information classification and handling processes are unique to every organisation, but the fundamental tenets are the same. Not all information is created equal – information about team meetings and the kitchen roster does not hold the same value as payroll and client account information, so it shouldn’t be protected in the same way. This is where instituting a practice such as forced labelling of your information with a classification can prompt users to acknowledge its level of importance, and therefore the rules your organisation requires to protect information of that sensitivity.
Data segmentation follows from this – it means separating out the really important information so you can apply additional protective controls to it, without the overkill of requiring layers of authentication every time someone just wants to check the status of the stationery inventory.
Data minimisation is about making sure you are not keeping anything superfluous – regularly curating and looking after your information, and making sure that when it’s no longer needed it is safely removed or destroyed by a secure method such as shredding.
Many of the services your business will already use will have these sorts of control options built in so it may be a case of exploring what’s available to ensure you are protecting the private information customers are entrusting to your business.
You can find out more about the Notifiable Data Breach scheme at the OAIC website.