Protecting client information: Your duty as a business owner
“Watch the curb! Watch the curb!” I raised my voice to provide this guidance to my oldest child attempting to learn a bike without training wheels. As parents or caretakers of others, we are given a duty to provide guidance for operating in life, as well as looking out for their well-being.
Without this small direction, my child would’ve learned the hard way and probably ended up with some bumps and scrapes. He may still learn the lesson after, but if I could prevent injury before it happens – even better.
As a business owner, we have a duty to guide and protect our clients/purchasers in a similar manner.
While your role may not be to provide guidance to your client, as you may be providing a product or service, it is our duty to provide measures of business interaction that safeguard these individuals entrusting faith and monetary investment in us.
This duty is as simple as protecting sensitive and private information such as contact information and payment data.
What data should business owners protect?
Anytime a client comes to give you money and/or information, you should always err on the side of “do unto others.” Ask yourself: would you want this business sharing your email address? Or posting your credit card data online? What about every time you hired someone it was put on social media blast for all to see?
Information to protect includes (but is not limited to this list):
- email addresses
- credit card numbers
- birthdays
- home mailing addresses
Would you be open to this information being publicized for all to see?
For any of this, your answer is probably no – but like most things – it depends. Anytime a reader of your blog, client of your services, or purchaser of your product engages with you, you should always err on the side of protection.
In-The-News information business owners need to know
Business owners are armed with their card readers and online payment systems. You probably snagged one of these and “checked the box” off your to-do list. However, what many business owners don’t know is that a deadline is fastly approaching. One that is a duty of yours to follow.
A deadline for phasing in secure, chip-enabled payment cards across the country kicks in on Oct. 1. That’s when banks are supposed to finish distributing the new plastic to customers. Businesses will need to install new card readers to process the information on the chips. Those that do not have the new technology in place by then will be on the hook for any security lapses or fraudulent transactions, instead of payment-processing firms. – Washington Post
This is just one example of cyber security required by business owners that many are not aware of. Be sure you are safeguarding your clients by staying vigilant with this information.
You can snag a Privacy Policy Template + get updated information (such as these legal measures) here:
How can I safeguard my clients?
I am so glad you asked – here is a quick snapshot of three areas with sensitive client data that you can ensure you are safeguarding today.
#1 Have a privacy policy
Privacy policies are often seen on opt-in forms, contact forms and/or footer of websites. This policy is a statement that discloses some or all of the ways that your site will be using, disclosing and/or managing a customer/client’s data.
You can snag a Privacy Policy Template + get updated information (such as these legal measures) here:
#2 Secure payment methods
If you are taking credit card information on your site, be sure you have an SSL certificate installed. If you are using an online payment processor, many of these will take care of the need for an SSL but always ensure you have the proper security measures required for use of their system.
If you are taking monies in-person, be sure to have a card reader that abides by secure measures.
Recommended:
#3 Secure contract signing programs
Legal documents often include personal data and should be delivered/signed through secure systems. Many of the free systems out there do not safeguard this data and can make a client’s personal information (and yours) searchable by a simple Google search.
Recommended:
- Gravity Forms (Great also for client questionnaires and forms)
- DocuSign Ink App for iPad
- MachForm – Embeds into site
- Hello Sign – Online signing
- DocuSign- Online signing
So what if it isn’t a legal issue?
Just because it isn’t illegal, doesn’t make it right. How would you feel if you engaged in a business and this information was divulged without your permission or a notice that there is a possibility of sharing?
Always think before you act.
Check up on changes in policies with programs (payment processors, contract signing, hosting, etc.)
Take responsibility if you mess up and fix it!