-
Home
-
Knowledge Base
-
David J Steele
- PII Protection and Awareness
Knowledge Base
PII Protection and Awareness
Personal Identifiable Information or PII is any data that can be used to trace an individual’s identity, including names, phone numbers, email addresses, and even IP addresses. PII may also include personal characteristics such as biometric data (e.g., fingerprints), photographs or other images of individuals in recognizable contexts, or even the tone of voice when speaking on the phone. Protecting and securing PII is crucial because it helps protect everyone from scams and criminals who use PII to try and access accounts or personal information without authorization.
 |
At Intrada Technologies, we take PII seriously. We use a range of technologies and security protocols to maintain the confidentiality of our customers’ PII while ensuring they can still easily access their accounts. This includes using encryption to secure PII and other sensitive data and running thorough background checks on our employees who access PII during their work. We also maintain robust authentication protocols that require users to confirm their identity before granting them access to personal information. We also regularly review and update our security measures to avoid potential threats.
Protected Health Information (PHI) or HIPAA
The same data protection principles apply to PHI or protected health information, subject to the HIPAA Privacy Rule. We understand that medical records are extremely sensitive and valuable to scammers. As such, we take extra measures to ensure that any PHI we collect is securely stored and only accessible by authorized users. We use various technologies and protocols to encrypt PHI, limit access rights, log user activity within the system, deploy security patches regularly, and backup data on secure servers.
Healthcare data may be valued at up to $250 per record, compared to the next highest value data type of payment card data which carries an approximate value of only $5.40 per stolen record (Trustwave Report).
Payment Card Industry (PCI)
Credit card information is still considered PII, and sending credit card numbers by email, or text is like writing it on a bathroom wall for all to see. That's why we strongly recommend not emailing or texting credit card numbers. In addition, it would be best to refrain from sharing credit card information with anyone other than a trusted source. Finally, when collecting credit card information, you should also ensure that your system meets the Payment Card Industry (PCI) Data Security Standard and complete an annual PCI compliance check, usually requested by your merchant account provider. This will help to confirm that credit card data stored in your system is being done securely within the latest security standards on a complaint platform and framework.
Hackers are getting smarter
Hackers have become increasingly sophisticated in their attacks on finance and business services, targeting the source of money. Cybercriminals use various methods to gain access to financial information, from installing malware or phishing scams to exploiting vulnerabilities in software. They can also exploit gaps in security protocols, such as using weak or default passwords or using employee credentials that were previously exposed or lost. In some cases, hackers may use a combination of these methods for maximum effect.
Recent data suggests that finance and business service companies are particularly vulnerable to cybercrime due to the wealth of sensitive data held within their networks. The 2021 Data Risk Report by Veronis found that financial services businesses take an average of 233 days to detect and contain a data breach - significantly longer than other industries. This makes them an attractive target for hackers who seek quick access to funds or other valuable assets stored within finance-related systems.
Given the potential rewards associated with successful attacks on finance companies, these organizations must invest in robust security protocols and stay up-to-date with the latest cyber threats. Finance companies should take measures to protect themselves from cybercrime by implementing strong authentication procedures, encrypting sensitive data, limiting user access rights, running regular vulnerability scans, and always keeping software up-to-date.
Regular Session 2021-2022 - House Bill 1126
In light of the increasing cyberattacks in 2021, it is more important than ever to take data protection seriously. As a result, the U.S. House is considering a bill that would protect consumer data collection and privacy across nearly all sectors and make individuals or classes able to sue for compensatory damages, injunctive relief, declaratory relief, and reasonable attorney’s fees and litigation costs up to four years after the effective date of the action in federal court.
Cyber Insurance
Companies should invest in cyber insurance policies that provide financial compensation in the event of an incident or breach. A good cyber insurance policy will offer coverage for both first-party losses (such as damage caused by a breach) and third-party losses (such as legal fees incurred from defending a lawsuit). Investing in this coverage will help businesses mitigate the financial losses associated with data breaches and other cyberattacks while ensuring that all parties involved are protected from future liability. Just because you have cyber insurance does not mean you are protected. This is an insurance policy and does not fix your security issues. Companies are responsible for ensuring your network is secured, and your staff conducts awareness training regularly.
Training
Companies must invest in training personnel to ensure they understand best practices for data protection and can spot potential threats before they become a problem. This will help protect sensitive data and allow companies to respond quickly if an incident occurs. Training staff on cybersecurity should include topics such as email phishing, holiday frauds, tax, IRS or government imposters, direct deposit, gift cards, social media scams, and the list goes on. Moreover, educating employees on the risks associated with cybercrime can help foster a culture of awareness across all levels of the organization so that everyone remains vigilant against malicious actors.
Intrada offers training and monthly awareness articles for staff on a variety of topics related to data security, ranging from the basics of phishing scams to how to detect and respond quickly in the event of an incident or breach. Our training and awareness programs are designed to help companies recognize potential threats, protect their networks from unauthorized access, and take proactive steps toward data protection.
Intrada monitors emerging threats so we can keep up-to-date with the latest developments in cybercrime. In addition, we offer guidance on how companies can implement best practices such as strong authentication procedures, encryption protocols, user access rights management, policy, and procedures.
Committed to customers
At Intrada, we are committed to keeping our customers’ data safe and secure. We take extra measures regarding PII, PHI, and credit card data protection. We will continue to stay up-to-date on the latest security protocols and trends so that our clients can know their valuable information is secure.
In conclusion, at Intrada Technologies, we believe that data protection should always be a top priority. Therefore, we strive to keep our customers' information safe by using the most up-to-date security protocols and technologies and regularly monitoring for potential threats.
If you have any questions or concerns about the security of your data, please do not hesitate to contact us. We are here to help.
Cybersecurity Awareness Poster
 |
Click here for a cybersecurity awareness training poster that Intrada Technologies clients may print and post to meet cybersecurity insurance requirements. |
About the author
Contact Us
|
Contact Information: |
Hours of Operation: |
OUR FOCUS
Intrada Technologies is a full-service web development and network management company with a focus on creating ongoing, trusted partnerships with each of our clients.
We make sure our clients have what they require to run their businesses with maximum efficiency and reliability, as many of their needs are mission-critical.
Our unique, collaborative partnerships allow us to provide our clients with the assurance that we will be there when they need us.