The first step to securing your client’s data is to collect and keep only the information you need. Your clients’ personal and financial information deserves protection – state IDs, social security numbers, financial and banking information, especially the copy of the personal check found in most files, are most sensitive. Think about:
- Your paper files: This includes business financials, client files, and don’t overlook agent files / extra copies and notes, home security / access information that you note (key under flower pot, sellers on vacation)
- Your electronic files (emails, scanned PDFs, copier hard drives (so, for instance, modern copiers record what they copy… when you copy a check, a copy is sometimes stored on an internal harddrive of the copier), flash drives, etc…)
- Think about the locations of where is sensitive data held, stored, accessed and shared. Once you have a list of the sensitive areas for security, develop simple policies for keeping them secure.
Most states have laws requiring client notification if that information may have been accessed by an unauthorized person. Most states have laws requiring businesses to securely dispose of information that is no longer needed – though agents must follow state real estate commission record retention rules. Information on breach notification and record disposal laws can be found here
: http://tinyurl.com/br4wo7o (Acrobat / PDF). If you work with international clients then international laws may apply as well.