Poorly or improperly managed company information, documents, and files have a dangerously high potential to paralyze both growing and already-established businesses.
Leading to financial disasters including business identity theft, data breaches, and legal implications down the road, a business’s documents can be their Achilles if their information is ever stolen or exposed.
As a result, this consequently poses a new question for business owners to now ask themselves: What steps are you taking to safeguard your own company information, and how well are you addressing all your risks?
Here’s a few of the most common threats that stolen, lost, or mismanaged files and documents can leave businesses grappling with, as well as strategies for how you can help you to sidestep the blunders of past businesses.
Business Identity Theft
According to the Better Business Bureau, identity theft is a crime that affects over 9 million people and costs over $56 billion to the economy every year. However, the cross-hairs of identity thieves are now expanding to not only include individuals, but businesses as well.
Business identity theft is when a criminal steals a business’s sensitive information and identity, afterwards using it to fraudulently establish lines of credit with banks or retailers. Tactics such as rummaging through garbage and intercepting or rerouting mail are just a few of the common tactics thieves use to steal sensitive files and documents.
The devastation inflicted on the victim business can be severe. The business’s credit history can lead to denial of credit—eventually leading to operational problems down the road. Compounding this, the cost to repair and correct the damage done to the business can range upwards of hundreds of dollars on top of countless hours of lost time.
To best protect your business from potential identity theft, it’s important you ensure only documents that are necessary to your business operations or have legal retention requirements are kept and maintained. The more files a business has, the greater the odds are for them to be stolen or misused.
Businesses should be sure to shred all remaining documents and are strongly recommended to use cross-cut shredding to eliminate the chances of paper shreds potentially being put back together. Businesses needing both small and large-volume shredding have numerous document destruction service options to help with dealing with shredding without sacrificing labor costs.
With recent disasters such as the Yahoo data breaches as just one example, data breaches involve both the intentional and unintentional release and exposure of sensitive documents and information.
Data breaches are frequently the cause of improperly implemented security measures or human error, and can inflict potentially crippling direct and indirect costs on businesses.
On the forefront of direct costs, laws such as HIPAA which govern the safeguarding of personally identifiable information (PII) or personal health information (PHI) come with significant fines for noncompliance should any information be stolen or exposed.
In terms of indirect financial impact, many states have now passed data breach notification laws, which require breaches businesses to notify all affected individuals as well. As past examples show, word spreads quickly through the grapevine and will eventually lead to a serious blow to the business’s brand reputation.
To prevent data breaches, best practices include ensuring your business uses encrypted information such as emails and documents, avoids using or posting information on the internet without proper security protocols, and regularly updates and educates employees on breach risk-reduction practices.
As briefly mentioned before, documents requiring specific retention periods are some of the necessary documents your business does want to keep around—however it’s important to remain aware of the delicate line businesses need to walk when it comes to how long they hold on to information.
If, on one hand companies are either knowingly or unknowingly negligent of retention guidelines and shred or dispose their documents too soon, this can quickly land the business in hot legal water.
In the event of a lawsuit or other legal claim, companies are required to produce all relevant documents pertaining to the investigation. If they’re already destroyed before the required retention period has expired, the business will be swiftly met with steep fines for obstructing or interfering with the investigation.
In 2017, banking icon Morgan Stanley became a perfect example when the SEC laid down a $13 million fine for failing to maintain client records per regulations, however at the same time, retaining documents too long has also come back to bite businesses.
In the event of an investigation much like the one Morgan Stanley recently underwent, businesses are required to produce all documents relevant to the ongoing investigation—including those that are past their retention period and are no longer necessary to keep.
In these instances, businesses have often been exposed to further legal liability that could have been avoided with adherence to a proper retention schedule, and as with any other of the risk factors a business’s documents and files may be exposed to, the financial implications to businesses can be both severe and long-lasting.
Image from http://sos.tn.gov/business-services/business-entity-filings