Data security and why you need to protect your physical as well as digital documents.

Once more unto the breach
Once more unto the breach

When Shakespeare wrote “Once more unto the breach, dear friends” in Henry V, he had no indication what the word ‘breach’ would come to mean. Fast-forward 400 years and it is a word that casts fear into the heart of every CTO, IT manager and compliance professional. Headlines are dominated by high-profile security breaches, and the risks these pose to individuals and their personal information. From small businesses to global banks, hospitals and social networks, every operation which interacts with the public is taking steps to protect their customers, employees and stakeholders from these breaches.

As well as a moral obligation to protect their customers’ private information, organisations must meet stringent regulatory obligations. The 1998 Data Protection Act gives individuals the right to know what information organisations hold about them, and sets out rules for companies on how they manage personal information. The stakes are high if these rules are not adhered to, with fines being handed out and reputations at risk. For small businesses, these regulations can be daunting, and can add time, cost and complexity to businesses already restricted by red tape.

Many businesses have protective measures in place to meet these regulations, and safeguard their digital data, from robust firewalls, encryption techniques and password-protection to VPNs and cloud storage. But what about the protection of physical documentation? Data in both digital and physical form need to be managed, maintained and protected. Data held in paper-based form is equally as high a security risk -in fact, almost a quarter of security breaches relate to paper-based documents1 - but requires an entirely different strategic approach to its management. With many organisations responsible for sending out high volumes of transactional and information-based communications, safeguarding processes are essential.

There are secure methods of storing physical documentation such as bank safety boxes and off-premise archiving, but when a business is constantly creating new documents and generating high-volume physical communications such as customer mailings, these storage methods are not appropriate. The data on these documents is still highly sensitive and open to risk, however. Consider the UK’s Driver and Vehicle Licensing Agency (DVLA), which was found to have breached data protection rules when sending out confidential documents to the wrong motorists. It mailed 1,215 questionnaires which included such personal details as dates of birth and motoring offences. Around 100 were sent to incorrect addresses.

To address this and maintain data security and compliance, small businesses are building safeguards into the earliest stages of a document’s creation by rolling out watertight Document Integrity processes and systems. The objective of Document Integrity is to ensure the document creation and change processes generate sound, correct and valid documents. From document creation through to print output and mail, every stage is specifically designed to ensure accuracy and precision, to protect data and to achieve compliance. It enables businesses to provide evidence that appropriate best practices, processes and controls are in place.

Document Integrity ensures a high degree of data protection. With mailings, private information is inserted into the envelope without risk of being compromised by human handling; and inaccurate information, duplication of paperwork and missing content is eliminated. There are also financial advantages from implementing Document Integrity such as:

- Reduced costs previously generated by manual handling

- Eliminated costs of returned and undelivered communications

- Minimised risk of penalties for non-compliance

For small and medium businesses that rely on transactional and information-based communications, document integrity is key to compliance, security, customer relationships, and reputation. Organisations have a duty to protect their customers’ data. Document Integrity ensures the duty doesn’t become a burden.

Andrew Ford, VP, marketing and communications, Pitney Bowes.