SEPTEMBER 2010 Pension Plan tip of the month……

 

Confidential Information: Protect the Identity and Privacy of Plan Participants and Sponsor

 

 

The Federal Trade Commission (www.ftc.gov/idtheft) estimates that 9 million Americans will have their identities stolen each year.  Many of your retirement plan files contain confidential information about plan participants, and it is essential to maintain the security of that data.  Your files also contain personal information not related to identity theft, such as compensation and account balances, which could potentially be abused if it falls into the wrong hands.  It is important to review your processes from time to time to ensure that this information is protected. 

 

Some questions to consider:

·         Has your mail department been instructed not to open mail coming from The Paragon Alliance Group (“Paragon”), your investment advisor, or your investment provider? 

·         Do assistants to the trustees and assigned plan contacts have a clear understanding of which documents they should not view? 

·         Is your company’s IT department restricted from accessing your email or computer files? 

·         Are you using a secure data exchange program like SecureFileX (see more on this below) to deliver confidential personal, plan, and compensation information to Paragon and your investment advisor? 

·         Are employees with access to confidential information subject to confidentiality agreements?

·         Do you lock your desk, file cabinets, or office at the end of the work day or when you are away from your desk for an extended period? 

·         Do you use your fax machine to fax confidential data?  If so, is it located in a secure place?

·         Are discarded documents containing personal information properly shredded or incinerated? 

·         Are hard drives, including that in your digital copier/scanner, properly wiped prior to being disposed of?

·         Do you have a strategy prepared in the event a security breach occurs?

 

Protecting the information you manage is your best defense in maintaining proper security.  Employee communication is also very important.  Employees specifically restricted from access to information should understand that the measure protects them from investigation as much as it protects the information from which they are restricted.  Employees should also understand the disciplinary and legal consequences for improperly accessing or disseminating confidential records.  The FTC offers many resources for educating your staff about protection from identity theft. 

 

As a part of our continuing commitment to data security, Paragon contracts with a secure data service, SecureFileX, to transfer sensitive client and plan data via the internet. This service offers enhanced encryption and the ability to personalize passwords.  If you are a new Paragon client and you are not familiar with SecureFileX, do not hesitate to call us for additional information.

 

Please contact your Retirement Plan Consultant at any time to discuss Paragon’s security measures, to review the procedures for using SecureFileX, or to provide updates to security policies within your company.