Keeping Data Safe

Posted on June 06, 2014
Posted By: Harry Stephens

Almost every company today has access to considerable quantities of sensitive information regarding their customers. As a result, it has become critical to have the proper controls in place that fully protect customer data and company information. Even the slightest data breach can lead to irreparable damage to a company's reputation, as well as leading to lawsuits or regulatory fines.

It starts with taking a global view

While the term "identity theft" has become synonymous with the thought of computer hackers, the truth is that that there may be vulnerabilities within your own operations that frequently lead to accidental privacy violations-which can be equally damaging. The risk of data loss through the Internet is obvious, but the security risks that are involved with people taking work home via laptops, portable USB devices, etc. can be overlooked. In this regard, important considerations include whether you have a system in place (and a policy) that ensures your employees are shredding all sensitive documents or have limited access to sensitive data.
Some questions to consider when determining how well your utility is identifying and tackling the risks of data loss include:

  • - Are the appropriate resources readily available to do an effective assessment of risk and install more effective controls if necessary?
  • - Is redundant customer data disposed of securely?
  • - How is all customer data stored in electronic databases?
  • - Are the proper controls in place to limit access to customer data and prevent it from being misused, lost or stolen?

How the questions are answered may make it immediately clear what the necessary next steps should be.

Finally, certifications count

Many utilities have chosen to outsource their document processing, distribution and billing solutions to a reputable third-party provider certified in operational excellence and security. If that is the path your company chooses, it is important to ascertain if the third-party provider is independently certified in the industry standards mandatory to security compliance.

The top three certifications to ask about are:

  • - SSAE 16, Type II (Statement on Standards for Attestation Engagements No. 16) Certification - SSAE 16 is an accreditation awarded by the American Institute of Certified Public Accountants (AICPA) and ensures that all outsourced documents are handled in a secure, reliable and stable environment with tight process controls in place.
  • - PCI DSS 2.0 (Payment Card Industry Data Security Standard) Compliant - The PCI DSS is a globally instituted security standard for all merchants and service providers who accept credit card information; it is designed to keep customer payment card data secure and prevent payment cardholder data fraud.
  • - Sarbanes-Oxley (SOX) - Any organization fully trained in SOX regulations ensures that its clients are compliant with all corporate accounting controls required by U.S. federal law.

Protecting and ensuring compliance for every business today is more than a full-time job: it requires 24/7 monitoring of all data, networks and internal processes. The security of your data should be priority-one and it is important to implement the proper protections, whether internally or by partnering with a third-party provider. Without these fundamental controls, there is a definite opportunity for data to be unmonitored, leaving a utility open to a multitude of risks that with the proper planning and processes can be averted.

Authored By:
Harry Stephens is President and CEO of DATAMATX, one of the nation’s largest privately-held, full-service providers of printed and electronic billing solutions. For more information about DATAMATX, visit or call 800-943-5240.

Other Posts by: Harry Stephens

Related Posts

Why the energy industry should go digital By Pandurang (Pradeep) Naik

Add your comments:

Please log in to leave a comment!
back to top

Receive Energy Central eNews & Updates


Kick Starting Your Big Data Journey with Hadoop

Wednesday Oct 7, 2015 - 12:00 PM Eastern - Virtual Event

The utility industry is undergoing a powerful transformation, and big data is right in the thick of it. As utilities wrestle with challenges of distributed energy resources, renewed emphasis on customer engagement, improving grid reliability, upgrading transmission infrastructure and more, more...

Save Energy, Save Money: Energy Analytics Goes Mobile

Thursday Oct 15, 2015 - 12:00 PM Eastern - Virtual Event

In its quest to continually maintain its high customer service, ensure customer retention and lead the market, Greenchoice Utility, the largest green and renewable sources energy provider in the Netherlands, partnered with ONZO Ltd., to develop a new mobile customer more...

Knowledge Executive Summit

Monday Nov 2, 2015 - Wednesday Nov 4, 2015 - Miami, Florida

Accelerating Knowledge Transfer Among Utility Leaders. Today's utility leaders have to contend with intense schedules and receive a host of invitations to meetings and trade events that do not deliver tangible benefits. Through Knowledge Executive Summit, utility leaders can participate more...

Sponsored Content