Information Security


Every organization has information of its own (e.g., trade secrets) that is and valuable and should be kept confidential. In addition, organizations that handle certain types of third-party information (e.g., personal healthcare information or consumer financial data) are required meet strict privacy and/or security standards imposed by federal and/or state laws. These laws generally require organizations to (a) put policies and practices in place to protect the privacy and security of all forms of information; and (b) train employees to recognize what information must be protected, understand how to handle and protect the information, and know what steps to take in the event of a security breach.

Certain basic employee practices are common to all data-privacy and data-security laws and policies, including —

  • Accessing sensitive, private or confidential information only as authorized and only to the extent necessary to perform job-related functions;
  • Storing paper documents in secure spaces, such as locked file cabinets;
  • Destroying sensitive, private or confidential information once it is no longer needed and in accordance with the organization's record-management policies and procedures;
  • Never leaving computer terminals unattended when confidential information is on the screen;
  • Using a strong (hard-to-crack) password for access to the organization's computer network and prohibiting the sharing of employee passwords with others, including co-workers;
  • Regularly checking for and installing security-related operating system updates and anti-virus software on computers and devices used for work;
  • Avoiding opening suspicious e-mail attachments; and
  • Taking special precautions while working in the field or at home to ensure that sensitive, private or confidential information is secured in laptop computers, mobile devices and briefcases.

© WeComply/Thomson Reuters

Key Resources

For your convenience, ACC has compiled the following key resources to assist you in your compliance efforts.

For more try searching ACC's online library for "Information Security"

This site uses cookies to store information on your computer. Some are essential to make our site work properly; others help us improve the user experience.
By using the site, you consent to the placement of these cookies. Read our privacy policy to learn more. Hide this message