Data Security

Many companies keep sensitive personal information about customers or employees in their files or on their network.  Having a sound security plan in place to collect only what you need, keep it safe, and dispose of it securely can help you meet your legal obligations to protect that sensitive data.  The FTC has free resources for businesses of any size.

Copier Data Security: A Guide for Businesses [PDF]

Does your company keep sensitive data — Social Security numbers, credit reports, account numbers, health records, or business secrets? If so, then you’ve probably instituted safeguards to protect that information. Your information security plans also should cover the digital copiers your company uses.

Disposing of Consumer Report Information? Rule Tells How

Once your business is finished with sensitive information derived from consumer reports, what happens to it then? Under the Disposal Rule, your company must take steps to dispose of it securely.

Fighting Identity Theft with the Red Flags Rule: A How-To Guide for Business

Tips for organizations under FTC jurisdiction to determine whether they need to design an identity theft prevention program.

Financial Institutions and Customer Information: Complying with the Safeguards Rule

Under the Safeguards Rule, financial institutions must protect the consumer information they collect. Learn if your business is a “financial institution” under the Rule. If so, have you taken the necessary steps to comply?

Information Compromise and the Risk of Identity Theft: Guidance for Your Business [PDF]

These days, it is almost impossible to be in business and not have personally identifying information about your customers or employees. If this information falls into the wrong hands, it could put them at risk for identity theft. Find out the steps to take and who to contact if sensitive data is compromised.

Marketing Your Mobile App: Get It Right from the Start [PDF]

Attention app developers! Basic truth-in-advertising and privacy principles apply to your product. It’s important to give the straight story about what your app can do and be transparent about your privacy practices. This start-from-scratch publication from the FTC reminds you to consider your choices from the user's perspective.

Medical Identity Theft: FAQs for Health Care Providers and Health Plans [PDF]

Explains how medical identity theft occurs, and how health care providers and insurers can minimize the risk and help their patients if they’re victimized.

Mobile App Developers: Start with Security

Mobile app developers: How does your app size up? Have your built security in from the start? The FTC has a dozen tips to help you develop kick-app security for your product.

Peer-to-Peer File Sharing: A Guide for Business [PDF]

Most businesses collect and store sensitive information about their employees and customers. If you use Peer-to-Peer (P2P) file sharing software in your business, consider the security implications and minimize the risks associated with it.

Protecting Personal Information: A Guide for Business [PDF] [En español]

Practical tips for business on creating and implementing a plan for safeguarding personal information.

Securing Your Server: Shut the Door on Spam [PDF]

Do the settings on your servers open your system to misuse? An international group of government agencies says a few quick, easy, and no- or low-cost steps can protect your computer systems.

Security Check: Reducing Risks to Your Computer Systems [PDF]

It’s just common sense that any company or organization that collects personal information from customers or employees needs a security plan. Learn more about designing and implementing a plan tailor-made to your business.

Slip Showing? Federal Law Requires All Businesses to Truncate Credit Card Information on Receipts [En español]

What’s on the credit and debit card receipts you give your customers? Under federal law, you must delete the card’s expiration date and shorten the account information to include no more than the last five digits of the card number.