The Direct Marketing Association on Feb. 6 unveiled initiatives to protect personally identifiable information received by its consumer marketer members. It also released an information security checklist in cooperation with the Federal Trade Commission for member companies.
The DMA’s information security guidelines include the following suggestions for marketers:
* establish information security policies and practices that assure the uninterrupted security of information systems.
* create and implement staff policies, procedures, training and responsiveness measures to protect personally identifiable information handled in the everyday performance of duties.
*-employ and routinely reassess protective physical safeguards and technological measures in support of information security policies.
*-inform all business partners and service providers that handle personally identifiable information of their responsibility to ensure that their policies, procedures and practices maintain a level of security consistent with the marketer’s applicable information security policies.
The DMA/FTC checklist, “Information Security: Safeguarding Personal Data in Your Care,” which is a little more detailed, is available at www.the-dma.org/privacy/informationsecurity.shtml. It contains information on creating a security policy, training for security, using available technology to guard personal data, and informing data suppliers and business partners of their responsibilities to meet security specifications.