Identifying and protecting personally-identifiable information (PII) and PCI is challenging for retailers. Stores often maintain sensitive data such as employment applications, credit and debit card information and employee information. These sensitive records are accessible by a highly transient workforce and are always vulnerable to theft and inadvertent disclosure.

With a traveling management workforce, employee and customer information carried on laptops and other mobile devices increases the risk of devastating data privacy breaches. Even today, PII and PCI is often retained in unsecured store rooms and distribution centers, and commonly tossed in easily-accessed, unsecured dumpsters instead of being appropriately shredded.

Through the Assessment for Records Risks™, we collect and benchmark the information clients need to understand how sensitive information is currently being managed and then outline the critical ongoing practices required to ensure compliance with the many unique obligations that retailers face.