Confidential Information Compromise: Next Steps

Posted by Dustin Rushing

In 2017, a security breach at Equifax caused over 145 million Americans to have their personal information accessed. And that doesn’t count the millions who were harmed or potentially harmed by security breaches at JP Morgan Chase, Target and Uber. You may do everything you can to keep your confidential information out of the hands of identity thieves, but there’s not much you can do if they access it through a company you trust to keep your information safe.

If you find that your information has been compromised, you should take several steps to protect yourself. First, lock or close the account that has been accessed if you noticed the theft because of unauthorized charges or money missing from a bank account. Check account statements for other abnormalities. Lock other accounts that may have issues. Then, take these additional steps:

  • Review your credit reports—all three of them—to make sure there are no new accounts that shouldn’t be there.

  • File a report with the Federal Trade Commission at

  • File a police report with the police or sheriff.

  • Sign up for credit monitoring. You may be offered free credit monitoring if your identity has been compromised. CreditKarma, LifeLock, Equifax, and Transunion all offer credit monitoring services.

  • Contact the credit reporting agencies and have them put a fraud alert on your credit report. You can also lock your credit report.

  • Open new accounts, even accounts that have not been compromised. They may be compromised in the future since the information for those accounts are probably in the hands of the thieves.

  • Change your account passwords for any accounts you are not closing and re-opening.

When you do your part to help keep information confidential, it makes it harder for a rogue employee or a hacker to get into your system and steal client, employee, and other confidential information.

How to Prevent a Confidential Information Compromise

The procedures to protect confidential information are easy enough. In fact, you may already have many of these procedures in place. Part of protecting confidential information in the workplace is restricting employees from certain documents including these examples of confidential information in a company:

  • Employee files;

  • Payroll information;

  • Social security numbers;

  • Master passwords;

  • Files that should only be accessed by those who need to know; and

  • Any personal information, including addresses and birth dates that may be in places other than an employee file.

You should also require your employees to change their passwords every 60 to 90 days. You should also change the password on your servers just as often. Have classes on how to handle confidential documents in the office that are mandatory for all who work for the company regardless of position. These classes will teach everyone how to keep information confidential and will advise of new scams that are going around.

Prevention Tips on Confidential Information

Learning how to maintain confidentiality in the office is not something you do once. You need to keep up on the new technology scams that come out through frequent training. Additional on how to keep information confidential include:

  • Restrict access to digital files by creating password protected directories;

  • Shred all documents that do not need to be kept. Do not just put the documents in an accessible bin or file cabinet—keep them in locked shredding boxes from Carolina Shred.

  • Keep filing cabinets locked and in a locked room. 

  • Shred documents frequently. Do not wait for months to shred the documents. Also, destroy client and employee files as soon as legally allowable. 

  • Never store documents off-site unless you know the security at the storage facility is in compliance.

Contact Carolina Shred

Contact Carolina Shred to learn why is it important to maintain confidentiality and to learn more about our services for businesses and individuals.