What are records?
Records are the evidence of what the organization does. They capture its business activities and transactions, such as contract negotiations, business correspondence, personnel files, and financial statements, just to name a few.
Records come in many formats:
- physical paper in our files
- electronic messages
- content on the website, as well as documents residing on PDA's, flash drives, desktops, servers
- information captured on various databases
When there's a lawsuit, all of these, including copies that individuals have retained or deleted, may be identified as a discoverable.
Sunday, November 8, 2009
Tuesday, October 20, 2009
Protecting Personal Information: Five Steps for Business
1. Take Stock: Know what personal information you have in your files and on your computer. Understand how personal information moves into, through, or out of your business and who has access - or could have access to it.
2. Scale Down: Keep only what you need for business. That old business practice of holding on to every scrap of paper is "so 20th century." These days, if you don't have a legitimate business reason to have sensitive information in your files or on your computer, don't keep it.
3. Lock It: Protect the information you keep. Be cognizant of physical security, electronic security, employee training, and the practices of your contractors and affiliates.
4. Pitch It: Properly dispose of what you no longer need. Make sure papers containing personal information are shredded, burned, or pulverized so they can't be reconstructed by an identity thief.
5. Plan Ahead: Draft a plan to respond to security incidents. Designate a senior member of your team to create an action plan before a breach happens.
2. Scale Down: Keep only what you need for business. That old business practice of holding on to every scrap of paper is "so 20th century." These days, if you don't have a legitimate business reason to have sensitive information in your files or on your computer, don't keep it.
3. Lock It: Protect the information you keep. Be cognizant of physical security, electronic security, employee training, and the practices of your contractors and affiliates.
4. Pitch It: Properly dispose of what you no longer need. Make sure papers containing personal information are shredded, burned, or pulverized so they can't be reconstructed by an identity thief.
5. Plan Ahead: Draft a plan to respond to security incidents. Designate a senior member of your team to create an action plan before a breach happens.
Sunday, October 11, 2009
What Are The Components of a Corporate RIM (Records Information Management) Program
A comprehensive corporate program for systematic management of recorded information includes the following components:
- Written policy directives that define corporate records, emphasize their value as corporate assets, affirm corporate ownership of recorded information associated with a company's business operations, and articulate the purpose and scope RIM initiatives
- Standard operating procedures for storage, retrieval, dissemination, protection, preservation, and destruction of recorded information associated with all business operations
- Systematically developed retention guidelines that specify how long records are to be kept and fully address a company's legal, fiscal, regulatory, and administrative requirements, as determined through consultation and collaboration with corporate legal, tax and finance departments as well as knowledgeable personnel in other business units
- Procedures for the timely, secure destruction of corporate records when their prescribed retention periods elapse, including provisions for suspending the destruction of records if warranted by litigation
- Design and implementation of manual and computerized methods for convenient retrieval and dissemination of recorded information when needed
- Cost-effective arrangements for storing inactive records that need to be retained for legal, fiscal, regulatory, or administrative reasons
- Policies and procedures for identifying and protecting records deemed essential for continuity of mission-critical business operations
- Training plans and programs for company employees regarding the above
Sunday, October 4, 2009
How Does Record Information Management Save Money?
1. By ensuring compliance with recordkeeping requirements contained in legal statues and government regulations, thereby avoiding costly fines or other penalties, including criminal penalties to which executives may be subject.
2. By minimizing storage requirements (office space, equipment, and supplies) for recorded information.
3. By reducing the time and effort required to reconstruct mission-critical information in the event of a disaster, theft, or loss.
4. By reducing the labor requirements for organization, retrieval, and dissemination of recorded information.
5. By reducing the risks and burdens of pre-trial discovery in civil litigation and government investigations.
2. By minimizing storage requirements (office space, equipment, and supplies) for recorded information.
3. By reducing the time and effort required to reconstruct mission-critical information in the event of a disaster, theft, or loss.
4. By reducing the labor requirements for organization, retrieval, and dissemination of recorded information.
5. By reducing the risks and burdens of pre-trial discovery in civil litigation and government investigations.
Tuesday, September 29, 2009
Tips to reduce the risk of identity theft (Part 1)
1. Shred financial documents.
2. Never clink on links in unsolicited emails.
3. Do not use obvious passwords.
4. Do not give out personal information.
5. Protect your social insurance number.
6. Keep your personal information in a secure place.
7. Be alert to bills that do not arrive when they should.
8. Be proactive about unexpected credit cards or account statements.
9. Be alert for credit being denied unexpectedly.
10. Respond immediately to calls or letters about purchases you never made.
2. Never clink on links in unsolicited emails.
3. Do not use obvious passwords.
4. Do not give out personal information.
5. Protect your social insurance number.
6. Keep your personal information in a secure place.
7. Be alert to bills that do not arrive when they should.
8. Be proactive about unexpected credit cards or account statements.
9. Be alert for credit being denied unexpectedly.
10. Respond immediately to calls or letters about purchases you never made.
Tuesday, September 22, 2009
Ten Ways You Can Make Your Data Backups More Secure
Data backups are an essential element of good storage security, but they are often the source of security woes. In fact, a significant percentage of security breaches can be attributed to the mismanagement and mishandling of data backups. Simply skimming through the Privacy Rights Clearinghouse's Chronology of Data Breaches shows that adequate data backup controls are lacking.
1. Ensure your security policies include backup related systems within their scope.
2. Include your data backup systems in your disaster recovery and incident response plans.
3. Assign backup software access rights only to those who have a business need to be involved in the backup process.
4. Store your backups offsite or at least in another building.
5. However you choose to store your backups (tape, NAS, or external drives) be sure to control access to the room/car/house in which the backups are stored.
6. Use a fireproof and media-rated safe. Many people store their backups in a "fireproof" safe, but typically one that's only rated for paper storage.
7. Find out the security measures that your offsite storage, data centre and courier services are taking to ensure that your backups remain in safe hands.
8. Password-protect your backups at a minimum.
9. Encrypt your backups in your hardware and software support it.
10. You've heard it a thousand times but it deserves repeating: your backup is only as good as what's on the backup media.
1. Ensure your security policies include backup related systems within their scope.
2. Include your data backup systems in your disaster recovery and incident response plans.
3. Assign backup software access rights only to those who have a business need to be involved in the backup process.
4. Store your backups offsite or at least in another building.
5. However you choose to store your backups (tape, NAS, or external drives) be sure to control access to the room/car/house in which the backups are stored.
6. Use a fireproof and media-rated safe. Many people store their backups in a "fireproof" safe, but typically one that's only rated for paper storage.
7. Find out the security measures that your offsite storage, data centre and courier services are taking to ensure that your backups remain in safe hands.
8. Password-protect your backups at a minimum.
9. Encrypt your backups in your hardware and software support it.
10. You've heard it a thousand times but it deserves repeating: your backup is only as good as what's on the backup media.
Monday, September 7, 2009
How Thieves Get Your Identity
1. Stealing: Taking your purse, wallet, mail, pre-approved credit card, new checks, personnel files from work, or tax information.
2. Changing your address: Completing a change of address form to get your mail and personal statements.
3. Phishing: Pretending to be a financial institution and sending scam alerts to get your personal information.
4. Dumpster diving: Going through your trash.
5. Skimming: Storing your credit card number in a special storage device when processing your card.
2. Changing your address: Completing a change of address form to get your mail and personal statements.
3. Phishing: Pretending to be a financial institution and sending scam alerts to get your personal information.
4. Dumpster diving: Going through your trash.
5. Skimming: Storing your credit card number in a special storage device when processing your card.
Subscribe to:
Posts (Atom)
