According to a recent survey, 90% of people worry about their data privacy, yet most feel powerless to protect it. We don’t want you to feel this way when it comes to your enrollees’ data. While Delta Dental has cyber risk experts and safeguards in place to keep enrollee data secure when we’re handling it — including personally identifiable information (PII) and protected health information (PHI) — you can take some simple steps to keep enrollee data private when it’s in your hands too.

We asked some of our cyber risk specialists for their top tips to help you safeguard private enrollee data.

Keep (and share) only what’s needed
The more private enrollee data you have, the bigger the risk. If the data has already served its purpose and there isn’t an operational or legal need for it, it’s best to destroy it. The same principal applies when sharing sensitive information — send the minimum amount needed to get the job done.

Slow down, and check before you send
Before you transmit any private enrollee data, double check that you’re sending the correct information to the correct recipient. This may sound like common sense, but one of the most common types of privacy incidents is sending sensitive data to the wrong person — electronically or via snail mail. Be sure that you have the most current enrollee addresses, and always update any necessary partners who may also need them (like us!).

Build a strong virtual defense
Password protection is a key player, but it’s just one part of the privacy defense. Using a VPN for remote access, maintaining strong firewalls and conducting regular vulnerability scans are also crucial to data privacy. If you’re sending any sensitive data through email, be sure to do so safely, such as through secure file transfer processes (SFTPs). And don’t forget about that data when it’s not in transit — using encryption for data at rest adds an extra layer of defense. (Pro-tip: Never store private, sensitive data in your email.)  

Empower yourself and your team
Data privacy can seem overwhelming without the right training. Cyber risks are always evolving, like phishing scams that have gotten so advanced, it’s difficult for most people to spot a fake. That’s why it’s so important for anyone who handles PII or PHI to receive regular training to identify threats and keep enrollee private data safe.    

Want more tips like these? Subscribe to Word of Mouth, our newsletter for benefits administrators, human resources professionals and businesses.

Are you a broker, agent or consultant? Subscribe to Insider Update, our newsletter for benefits producers.