Kroll Fraud Solutions Blog – A Dialogue on Data Security

Businesses often request a lot of personal identifying information (PII) from their customers. Quite often, these are legitimate requests intended to facilitate a business transaction. But there are many organizations that don’t practice sound data minimization tactics and gather all sorts of unnecessary information from customers. For instance, businesses often request Social Security numbers (SSN) as a matter of routine. The question is: does the business have a legitimate need for the SSN?  If so, what policies and procedures are employed to protect this customer data?

One of the most popular New Year’s resolutions involves putting oneself on a diet – but perhaps consumers should really consider a “data diet.” Kroll strongly advises both its corporate clients and consumers to practice data minimization to dispose of old, outdated or unused data. The practice is important to data security because thieves can’t steal what you don’t have. It’s a great “exercise” for consumers, too, because everyone has a tendency to unnecessarily gather and carry plenty of paperwork, emails, and other items that hold sensitive personal information – items that serve no other purpose than as a liability for theft or loss.