Sensitive Information Policy

Order Communication PolicyDownload Sensitive Information Policy

Sensitive Informatio PolicyThis policy covers the treatment of Credit Card, Social Security, Employee, and Customer Data.  The policy is 15 pages in length. This policy complies with Sarbanes Oxley Section 404.

The policy applies to the entire enterprise, its vendors, its suppliers (including outsourcers) and co-location providers and facilities regardless of the methods used to store and retrieve sensitive information (e.g. online processing, outsourced to a third party, Internet, Intranet or swipe terminals). 

General privacy guidelines that should be followed are:

  • Collect and process only the minimum amount of personal information necessary to achieve the identified purpose of the product or service;
  • Provide clear and unambiguous information about how personal information will be used to allow users to provide informed consent;
  • Create privacy-protective default settings;
  • Ensure that privacy control settings are prominent and easy to use;
  • Ensure that all personal data is adequately protected, and
  • Give people simple procedures for deleting their accounts, and honor their requests in a timely way.

Individual Policies

All of the policies that are provided here are contained within one or more of the templates that are on this site. These policies have been added as individual documents in WORD format for those clients who just need this particular policy.  All policies are Sarbanes-Oxley compliant.


Internet, E Mail, Mobile Device, Electronic Communication, and Record Retention Policy

Electronic Communication PolicyThis policy is is compliant with all recent legislation (SOX, HIPAA, Patriot Act, and Sensitive information), and covers:

  • Appropriate Use of Equipment
  • Mobile Devices
  • Internet Access
  • Electronic Mail
  • Retention of Email on Personal Systems
  • E-mail and Business Records Retention
  • Copyrighted Materials
  • Banned Activities
  • Ownership of Information
  • Security
  • Sarbanes-Oxley
  • Abuse

Included are these ready to use forms:

  • Internet & Electronic Communication Employee Acknowledgement
  • E-Mail - Employee Acknowledgement
  • Internet Use Approval Form
  • Internet Access Request Form
  • Security Access Application Form

    Dowload TOC electronic comunication policy


Travel and Off-site Meeting Policy

Travel Off-site Meeting Policy Travel and Off-Site Meeting Policy - Protection of data and software is often is complicated by the fact that it can be accessed from remote locations. As individuals travel and attend off-site meetings with other  employees, contractors, suppliers and customers data and software can be compromised.  This policy is four page in length and covers: