What price am I willing to pay for personal data security?

Let me demonstrate how serious this is to me with a short story.

In the summer of 2020, our family experienced two significant losses as a result of the pandemic that is the covid19 virus or the corona virus.  As a result of these losses, we realized that our financial advisors – tax, financial, legal all needed to be re-evaluated.   Well, as part of vetting new advisors, potential providers would ask that we share information with them prior to our conversation.  This is fair and standard as we understood it to be. 

However, given we both worked in financial services and the many cybersecurity issues we have each seen and experienced, we were neither satisfied with just emailing our documents to these providers or even password protecting the information to someone we might not eventually hire.  Me, having personally seen and tested a certain market data provider and other institutions’ information technology risks and controls.  My partner, being part of Technology in various large financial organizations.  We knew better than most the price of breached information it can cause an organization or a family.

When it came time to look at a new tax advisor, I decided that not only will we send the information protected, I was also going to “white-out” all the places in our previous year’s tax returns where we have social security numbers.  What I thought would be a 30 min exercise became a much longer task.  After 2 hours, I finally gave up trying to do this electronically on my desktop and decided I was going to print the document (all  90 pages) out on the printer at the location we were staying at, blackout the ss# with a Sharpie, and then scan the pages and send to the tax advisor via our secure portal. 

Much easier excersise, exept that there was a glitch with the printer and the document ended up printing twice.  After sharing the electronic document, I now had 180 pages with our social security visible on half the pages  and the other half only our names and income. Yikes! 

I knew I had to shred the pages.  However, the nearest shredder at a Staples which was 40 minutes from where we were.  So, I said to myself, I will put the pages in a safe place and make it a point to go to Staples later that week.

Guess what?  I never remembered to go to Staples! 

It was Sunday noon, while I was setting up our zoom call with the potential tax advisor that I realized I had left all 180 pages in the drawer of the place we just drove 4.5 hours from the day before. 

Now comes the price.  Do I really need to go back and get the document myself for a roundtrip of 9 hours? 

I thought about it for maybe 2 minutes, dumbfounded by my own scatter-brain.  The answer, of course was Yes.  After meeting with the tax advisor, I drove to the place and then was back home at 11pm that night, with the papers.

While my team and I have always taken the privacy of client information seriously, this experience has led me to draft this specific statement regarding the privacy of your data.

At ALLIA, your information is protected utilizing data encryption, multi-factor authentication, and a clean-desk policy which means minimal hardcopy and shredding.  When we work with other service providers and subcontractors, they will sign an agreement to abide by these standards prior to working with us. If we find that we accidentally misplaced your information, we will be responsible for retrieving it at our own cost.  If we find that we are breached by intruders, we will notify you as soon as we know and help in the effort to recover the information.

Related Posts

Leave a Reply