First of all you want to make sure your properly storing documents that you wish to keep. Ensure that only authorized personnel can access proprietary information and that the information kept at your facilities has some sort of access controls such as locked cabinets and/or keypad entry to the storage facility. Once you have the documents secured in house you need to ensure that the lifecycle of the documents are maintained.
When discarding documents ensure that they are shredded and/or incinerated. You do not have to have an incinerator on site but ensure that your vendor has a written guarantee that documents they take from your facility for destruction are actually destroyed. Many times you will want to ensure that even shredded remnants are destroyed in this manner.
Ensure that your employees know not to simply throw documents in the normal trash. This begins with proper training and you should have annual training and spot checks to ensure that documents are being destroyed in accordance with appropriate handling policies. You do have a policy right?
Another good idea is to have a document check in and management system for the handling of PII or sensitive proprietary information. Corporates face corporate espionage at an alarming level these days and are subject to theft of information from competitors as well as foreign interest.
No comments:
Post a Comment