Agency Responsibility to Protect Confidential Information
Egg Donation and Surrogacy Agencies house very sensitive information from social security numbers, medical records, to anonymous egg donation contracts. As the record keeper, it is the agency’s responsibility to protect this information with the proper security measures. Each year new cyber threats emerge and make security even more challenging. It is the Agency’s duty to continuously assess the risk for potential breaches and protect sensitive information or potentially be held liable for negligence.
Agencies need to perform annual stress tests on their network, hardware, software and databases.
All confidential information should be backed up at to least one off site locations.
Agencies should invest in an Enterprise Next Generation Firewall to secure their local office network.
Agencies should acquire cyber liability insurance coverage to protect against any website or databases breaches of security.
Databases should be password encrypted. Agencies should require a letter and number combination password with a minimum of 6 characters.
Websites should be hosted on a virtual dedicated server to minimize security breaches.
Website should be built on Secure Platforms to ensure proper levels of security.
Any physical files with private information should be protected under lock and key.
The location of the physical files should be guarded by a comprehensive security system to protect information from theft, tampering and fires.
There should be a company policy on the disposing and cleaning of old computers, printers and sensitive data.
Agency should establish a security breach procedure protocol.