Nationwide rollout of state and federal legislation to protect customer data can cause your business compliance issues.
Industry research indicates that small to medium-sized alarm companies provide more personal, and in
many cases better, service to the customer. If I asked you whether your service was very good, you
would likely reply, “of course”.
Your office contains a large amount of customer information. It is primarily located in your computers,
but it also exists in your accounting records, customer contracts, service and installation orders, sales
documents and credit card data. This is not an exhaustive list, but you get the point. Do you know
where all this information is at any given moment? Probably not. Better yet, do you know where to find
a piece of information on a customer, and is that information under your control?
You will quickly grasp that you and your employees are likely trying to manage your customers data
without a clear plan to protect it from the bad guys, and YOU are the security experts! Candidly, some
dealers do a good job of managing this information, but they have no way to share that achievement
with their customers.
Our large commercial customers require us to meet stringent security criteria to be accepted by them.
For those of us who service residential and small commercial clients, we need a template and protocols
that will enable us to meet criteria, which demonstrates our concerns and capabilities to safely preserve
our customers important information. This sounds a bit like the “Five Diamond” certification that our
central stations pursue if they want our business. In a broader sense we are looking for the “Good
Housekeeping Seal of Approval” to identify and validate our skills. Clearly, protecting against privacy
and data breaches, identity theft, and fraud occurring through your business isn’t just smart, it is the
law. The states are rapidly passing legislation to protect your customers and the federal government
through the Federal Trade Commission (Red Flag Rules), Department of Health (HHS), Department of
Commerce, and the Department of Justice are each seeking compliance with their rules.
If you answer yes to any of the following questions, you must comply with one or more of these state
and federal laws:
1. Do you collect, process, or store any personally identifiable information regarding your
2. Do you collect, process, or store any financial information about your customer?
3. Do you collect, process, or store any health- related information (PERs services)?
4. Do you collect, process, or store any personal information about your employees?
5. Do you extend credit or payment terms to your customers?
6. Do you provide products or services and then invoice your customer?
7. Do you accept credit cards as a form of payment?
8. Do you share customer information with any third parties (central stations)?
The above questions are all consuming. It is unlikely that you did not say yes to at least one of the above
questions. It is important for the industry to take these rules seriously and develop the plans required
for compliance. There needs to be a solution that takes care of everything in a simple, affordable
● We must protect against lost or stolen employee and customer information.
● We must seek compliance with information security and privacy laws, and regulations.
● We must avoid costly penalties and fines.
● We must build customer confidence, sales, and referrals.
Next month we will examine a possible solution to the issues raised above. However, it is very
important that our industry recognize these issues that have developed because of our use of
technology. Building security for the “Digital Front Door” is crucial, since we have already closed and
locked the “Physical Front Door”.
Tony Smith is the founder and President of Security Funding Associates, a 20yr. Brokerage, and
Advisory Services firm, located in Los Angeles CA. He is a licensed alarm dealer, past President of the
CAA and former Board Member of ESA. Tsmith@securityfundingsolutions.com * (626) 795-9199
Originally published in The Mirror on 6/12/19