The do's and don'ts of protecting insurance client information
The insurance industry has a professional responsibility to make sure client personal information is not easily obtained by criminals.
Insurance work typically requires a lot of a client’s personal information in order to create policies, process claims, and payout reimbursements. This is just the type of private, financial data craved by malicious parties on the internet, and they go to great lengths just for a chance to obtain it.
As are insurance clients demand their insurance providers and agencies communicate quickly and efficiently, insurance agencies have been moving away from the traditional postal correspondence. Email, text and the like are faster and more convenient, but they also introduce more risk.
As with any business, it’s your professional responsibility to make sure you’re safeguarding your clients’ information to the best of your abilities, employing all the necessary security practices to make sure it’s not easily obtained by criminals.
In our current environment of large corporations suffering major data breaches on a regular basis, customers are more concerned with security than ever. They’re going to ask you certain questions and will be paying attention to how you handle confidential data.
Here are a few don’ts when it comes to handling client information and documents:
Don’t: Send documents containing sensitive information to your clients via email. Also, avoid asking them to email you documents.
Email attachments are not as safe as you think. When you share documents via email, you’re placing your trust in multiple email providers and their servers that they are secure and not susceptible to getting accessed by hackers. There have been instances of messages and attachments getting intercepted by malicious parties through insecure email servers.
More clients are wising up to the security of email attachments and won’t be happy that their private data is being shared this way. Instead, take security into your own hands and use a service that allows you to directly share files between your system and the client.
One solution for secure communications
A document management system can provide instant, secure file-sharing. Rather than sending your client the document as an attachment, they’ll instead receive a link that takes you directly to the document management interface, through an encrypted connection. Rather than having the document sit in an unknown email server, the client can directly download the file. Likewise, they can use the connection to send you documents.
Don’t: Save sensitive documents in an office-wide network drive that all employees have access to.
Network drives are useful for quickly sharing files between coworkers, but for long-term storage, it could be a recipe for disaster. All it takes is for one user’s password to fall into the wrong hands and everything in the drive is at risk. If your network storage is an open book, it’s time to implement a more judicious system.
Role-based permissions allows you to efficiently assign permissions to users to access certain documents and folders within the system. You can create groups of users to mass-assign permissions to them. A user without permissions for certain folders and files won’t even be able to see them in the system.
Don’t: Use a system without multi-factor authentication.
As mentioned earlier, all it could take is one user to mishandle their password, allowing outsiders to gain access to the system. This is commonly done through phishing, a simple technique used by hackers to deceive employees into giving up their passwords willingly.
While employees should be trained to spot and report phishing attempts, multi-factor authentication can go a long way toward thwarting attempts to break into the system. It requires not just a password, but a second form of authentication, usually in the form of a key or temporary pin code only the user can access. Some systems allow the use of biometric authentication like a fingerprint reader.
Andreas Rivera is a technology writer with experience in both reviewing and marketing tech services and products. His areas of expertise include writing about B2B, SaaS companies and how they best address the pain points of businesses. Since early 2019, he has been the Marketing Content Writer for eFileCabinet and has become well versed in how document management software helps businesses reinvent their manual processes and spur growth. Contact him at arivera@efilecabinet.com.
These opinions are the author’s own.
See also: