Business & Finance
07:15 PM
Stephanie Stahl
Stephanie Stahl

Editor's Note: Data Protection Isn't Optional

It's tax season. For the past few months or weeks, you've probably been sharing lots of personal financial information with your accountant or financial planner or you're doing your own taxes and filing online to the IRS. But maybe you're feeling a bit antsy with all the data-security breaches in the news, and you call your accounting firm to check their privacy and security policies. "Hi, may I speak to your compliance officer?" you ask. "Who?" the receptionist responds. "Your compliance officer. The person in charge of making sure the firm is in tune with the Gramm-Leach-Bliley Act." The receptionist responds, "Oh, yeah, that's the new hip-hop band my teenagers are listening to, right? Sorry, I don't know anyone here who knows anything about that band, but if you need some extra W2s I can send them to you." "No, I'm talking about customer privacy," you say. "Oh, yes, we have a privacy policy that we send to all our customers, and we post it on our Web site," the receptionist says. "Yes, I'm aware of that, but does the firm secure my personal data? The privacy policy is no good if it isn't enforced. Is there a compliance officer I can speak with? You have a compliance officer, right?" "Uh, let me get back to you on that," the receptionist responds.

The problems going on with ChoicePoint and Bank of America are just the tip of the iceberg if you ask Robert Chastain, general counsel of Ceeva Inc., whom I spoke with last week. His firm, a systems integrator and compliance auditor, was hired last year by a nonprofit group to do surveys assessing compliance with the federal law designed to protect consumers from identity theft. (CPA firms, tax preparers, and similar businesses all must comply, regardless of their size.)

"We found 90% noncompliance in every industry we surveyed," he said. "One large regional investment firm we surveyed used 'Password' for the password on every computer in the office. So you have as much to fear from your own accountant or investment adviser as you do from ChoicePoint."

Here are other good questions posed by Ken Casey, senior VP of retail banking at ATB Financial (see story, "Data In Peril"). "Are we doing anything that could compromise the security of customer data? What steps have we taken, and is there anything else we can do?"

Stephanie Stahl,

To discuss this column with other readers, please visit Stephanie Stahl's forum on the Listening Post.

To find out more about Stephanie Stahl, please visit her page on the Listening Post

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of October 9, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll