Hackers and thieves are on the hunt for your personal information every day. Because our business requires the transfer of personal information, we need to be prepared to protect our clients' personal information, as well as our own. Information security is an important part of best business practices in the insurance industry.
Personal financial information (PFI) and personal health information (PHI) are most at risk. Personal financial information can include ID numbers, Social Security numbers, bank account numbers, dates of birth, home addresses, and bankcard information. Personal health information can include past medical history, current medical diagnoses, current medical treatment, and physicians' names.
Be aware of phishing emails which can appear to be legitimate emails coming from a well-known and credible source, like your bank, PayPal, or a large retailer. The message in the email may alarm you, telling you that you need to update your personal information and asking that you click on a link provided in the email. If you click on that link, however, it could install malicious malware on your computer and transmit sensitive information to the hacker.
Here are some ways you can help protect information at your business:
- Offer encrypted email and the ability for employees to send emails securely.
- Shred documents that contain sensitive information and don't leave sensitive information "laying around" on desktops or in open areas.
- Practice good password management: Change passwords every 90 days. Passwords should be at least eight characters long and include upper case, lowercase, numbers, and symbols.
- Have a regular schedule for removing digital and paper files that contain PFI and PHI. This should include current and new ways to protect information. Short and frequent education is key to making sure employees are managing PFI and PHI appropriately and are taking the necessary precautions to protect this valuable information.
This blog was written by Jessica Klas, Claims Manager.