Utility companies have a large burden when it comes to records management. These companies manage large volumes of sensitive data and must do so while maintaining compliance with numerous federal regulations. For example, the North American Reliability Corporation’s Critical Infrastructure Protection standards impose numerous requirements on utility companies in terms of both physical and cyber security. Additionally, any utility company that accepts credit card payments from customers must adhere to the Payment Card Industry Data Security Standard. There are numerous other requirements pertaining to the handling and maintenance of utility industry documents. To help maintain regulatory compliance, it is critical for utility companies to follow some important guidelines, which are reviewed below.
Use Layered Defense Strategies
Utilities still generate paper documents. Examples include financial documents, shareholder reports, invoices, repair requests, inspection records, maintenance logs and the like. The National Association of Regulatory Utility Commissioners has created retention guidelines for all financial and operating records of electric, gas, and water utilities. Many documents must be kept for the 10-20 years and certain inspection and maintenance records must be kept, in original form, for the life of the equipment or facility. Naturally, this type of records storage requires a long-term archiving solution, such as an enterprise level document management company that provides a full suite of services.
Utility companies benefit from the use of multiple layers of security when it comes to safeguarding electronic data. This means the use of a firewall in addition to an intrusion prevention system. To properly safeguard data, keep the most sensitive customer data away from sections of the network that are particularly susceptible to being hacked. For example, a utility company should make significant efforts to safeguard its customers’ payment information, even more than other, less sensitive customer information.
Use Effective Management Tools
No matter if a company decides to select an electronic or hard copy file storage solution, it is important to make sure that only authorized users are able to access sensitive records and that those authorized users can get their files quickly when needed. Additionally, utility companies must limit workers’ access to only the applications and data that is required to perform their particular jobs. Armstrong Archives provides utility companies with document organization and storage options that comply with government regulations and allows for easy access to files.
Consider Industry Standards and Government Regulations
Some utility companies discover that building around industry standards is one of the best ways to make sure they are always in compliance with the law. Other utility companies find that it is a better idea to outsource parts of record security by using the services of a document management company. No matter what method is used, it is critical for utility companies to have the most secure record management systems possible that comply with the complex legal requirement placed upon them.
If you operate a utility company and are interested in making sure that your company complies with document storage requirements, don’t hesitate to speak with Armstrong Archives. We offer document storage, scanning, scan-on-demand, shredding, and consulting services. Reach out to us today so that we can begin discussing how to best meet your record storage requirements.
Posted By: Sherri Taylor – President/Managing Partner
Sherri Taylor is the Managing Partner and President of Armstrong Archives, one of the largest independent records and information management companies in the Dallas/Ft Worth area.