The mishandling of data is an issue many businesses face when sending mail. Poor storage and security, dodgy cleansing services and the sale of data is all too common. Many people are left wondering who to trust amongst all this.
By asking these three questions you can make a more informed choice when selecting a mailing house:
- How is my data stored?
- Who will be handling my data?
- What happens to my data after the mailing is complete?
How is my data stored?
This is an important question, as it provides an early insight into a businesses overall attitude to data security.
A successful mailing house will have a number of processes in place for the receipt and storage of data.
Data should be transferred between parties using a specialised secure file transfer software that guarantees data integrity both at rest and in transit. Once data files are received, they should be stored securely to a standard that meets all relevant regulation.
For example, at CMS we store all client data at rest at a single secure site that is monitored 24/7 and includes redundant power and sim backups. All infrastructure storing, or with access to, client information is managed internally. We also use a range of file permissions to restrict access to client data, giving us an added level of control.
Who will be handling my data?
Understanding who handles your data is just as important as knowing how it’s stored.
Generally, it’s better to use businesses that have knowledgeable in-house experts, and a history of delivering solutions securely. These businesses will have strict data handling processes in place internally. They will also maintain accreditations, such as ISO 27001, that display their ability to securely manage data.
Positive customer service reviews and references are a strong indicator of a reliable business. Review sites like Trustpilot are a great place to start. All reviews on this site are impartial and provide an honest representation of a business.
The Risk of Outsourcing
In some cases, mailing houses will not be able to provide a service in-house and will have to outsource to other providers. Most of the time this is completely fine, but occasionally the outsourced provider will be less than reputable.
This third-party involvement can lead to concerns over the security of data. There have been cases of client data being misused through data duplication or the sale of confidential information.
The best way to combat this is to use a mailing house that is capable of handling everything in-house. If this is not an option, ensure your mailing house only outsources to trusted partners.
What happens to my data after the mailing is complete?
Before running a mailing always check what will happen to your data afterwards.
You need to know your sensitive information will be destroyed securely. This includes both digital and physical copies.
Mailing houses should be able to provide a proof of secure destruction or secure return of data. This helps provide full accountability and minimises the risk of data misuse.
When a job is created at CMS, the relevant data is given an automatic 13 month destroy date. This figure can be varied by each customer on a case by case basis. In our experience, many customers opt for shorter destroy dates, with 3 months being a common benchmark. This additional level of control is especially useful when managing extra sensitive mailings.
To maintain accountability, we generate monthly reports for clients that store data with us. These reports detail all the data that is due for destruction in the next month, as well as any outstanding data that is due for destruction.
All electronic data is destroyed using Eraser with 10 passes of a secure method. Non-digital records are securely destroyed by Veolia and a certificate of destruction is provided to CMS upon completion.
Data Secure Direct Mail Solutions
At Central Mailing Services we are experts at providing data secure direct mail solutions.
We are ISO 27001 accredited and adhere to GDPR regulatory standards. Businesses all over the U.K. trust us to securely handle their data through all stages of the direct mail process.