Response to our posting yesterday on the change of the law in Connecticut

Here's a response we just received to our posting on the new law in Connecticut (see posting dated 08Oct07):

Hi Marc,
thanks for the update on the new bill. I printed it off and will review to make sure we are covered. I believe we are doing most of the suggestions already. Your blog is great.
SC

That's EXACTLY the type of response that makes us feel this blog is worthwhile-helping one client at a time...

Please tell others about this law. It affects all of us in one way or another and other states are adding the law to their books.

If anyone has a question about best practices, please contact us for a no-obligation phone consultation.

The law in Connecticut has changed

Public service announcement to my Connecticut clients:
Connecticut Substitute Bill 1089 was enacted as of 01Oct07. It places the onus on each merchant, organization, or company to:

• disclose any breach of personal financial data originating from your location to the authorities without unreasonable delay
• that party shall be liable to a bank whose customers’ personal financial data was compromised, for any costs, to protect their financial interests, including :
  –Cancelling credit or debit cards or accounts,
  –Closing any account or blocking any transactions,
  –Opening or reopening any accounts,
  –Refunding any account,
  –Any assistance to customers.

(highlighting added for emphasis)

HOW DO YOU KEEP THIS FROM HAPPENING TO YOU?

By adopting the credit card payment industry's PCI DSS compliance(Payment Card Industry Data Security Standard), you can make strides towards protecting yourself from this liability:

1. Install and maintain a firewall configuration on any computer to protect cardholder data-these are easy to get and free.

2. Do not use vendor-supplied defaults for system passwords and other security passwords-change them and make them as difficult as possible to guess or steal.

3. Protect stored cardholder data: lock up any receipts or paperwork that contains full credit card numbers and names, addresses, etc. When no longer needed, shred it!


4. Encrypt transmission of cardholder data across open, public networks-do not email this data under any circumstances.


5. Use and regularly update anti-virus software-this is obvious.


6. Develop and maintain secure systems and applications-document the security methods and stick to them.


7.Restrict access to cardholder data by business need-to-know: do not trust employees, in-house volunteers or temp workers with access to this information!


8.Assign a unique ID to each person with computer access-each employee should get an ID and password so you can track the access to this data if you had to.


9.Restrict physical access to cardholder data-lock it up or shred it


10.Track and monitor all access to network resources and cardholder data-again, be careful and question anything that looks suspicious. If you had a breach of security, the sooner you act on it, the better!


11.Regularly test security systems and processes-this helps protect you. Set a schedule to do this NOW so you do not forget.


12.Maintain a policy that addresses information security-write it down, have your employees read and agree to it.


While these steps will not completely protect you (nothing will), heightened awareness of the need to maintain security of personal financial data and documenting the precautions you have taken will avert the serious financial penalties you might otherwise face.


If you have any questions, please let us know.

Time flies...

It's October 1st.

At dinner on Saturday night a friend was lamenting the end of the 3rd quarter and meeting his sales quota. I had lost track of time-I forgot it was the end of the 3rd quarter.

Then I remembered: In August during a summer evening in New York City, we were amazed the convenience stores had started to show their Halloween displays. That candy will certainly be stale at the end of October!

In October we start seeing Christmas and Hanukkah displays.

Soon it will be Thanksgiving.

What does that tell you? The year end is fast approaching.

If cash flow has been a primary focus for this year and you haven't gotten around to improving it, start now. No time like the present.

Ask us how.

National Customer Service Week

The Congress, by Senate Joint Resolution 166, has designated the week of first week of October, as "National Customer Service Week."

I disagree-I think every day of every week should be customer service-oriented.

A client just emailed me with a problem. Knowing the right people to help, I referred him to the vendor (since this was an ID and password issue, it was not something I am allowed to fix, but I knew who could help).

In minutes, the problem was fixed and I received this email from my client:

Marc,
Thanks for the fast return. I was not expecting it so fast. It is all set and up. SUPER!
Thanks again

Paul

Customer service-It's just what we do. Every day.

Out of tragedy, sometimes good things can result

Everyone remembers where they were that fateful day 6 years ago-how the horror of the September 11th terrorist attacks affected each of us personally: our emotions, our fears, our nascent feeling of patriotism, and the effect it had on our business and the economy as a whole.

It took a while, but as a direct result of the planes not flying for nearly a week, Congress enacted the Check 21 regulations allowing banks to submit electronic images of business and personal checks, rather than the archaic method of shipping the paper checks themselves as air cargo from bank to bank for final clearing.

This is a benefit for you in that it speeds your cash flow and reduces the work involved in presenting a deposit. Now check images from your desk can be batched and cleared electronically. It is not perfect for everyone, but for those with limited staff and higher volumes (anywhere above 100 checks a week), this is something worth looking into. We have it, just ask us how.

Wishing you a safe and introspective September 11th. Think of the many attributes of our society that are worth fighting for, in words, actions and good deeds, despite those who wish to dismantle our way of life.

I'll be there

No, I won't sing this in falsetto like Michael Jackson.


I will, however, be there to support you as we approach the renewal of your merchant account contract ahead of its expiration. The idea is to keep you running with the best processor at all times.


But, price and quality go hand in hand.


Just because someone comes in and offers you a better price doesn't mean better service or support. Show me the better price and I will analyze it, describe what is being offered, and if it appropriate for your business or organization, I will meet it or beat it at the time of the contract renewal.

If I have done anything right during our relationship, I hope I have added integrity, high level of service and continuity to your processing, from contract renewal onward...

Please call us first

I read with great amazement in the New York Times last week that Netflix was being complimented for improving its customer service. How? By adding humans in its Washington state call center rather than outsourcing to another company or to another country.

I was amazed because, as a service provider, Netflix decided adding a more human touch was important and Booz Allen Hamilton, a consulting firm, confirmed this suspicion: people hate customer service that seems not to be connected to them or to the service.

Here's a quote from a Booz Allen representative: "There’s so much more competition, this is something they’ve done to get closer to the customer, because without that, there’s really no connection a customer has to Netflix.”
(New York Times, Business section, August 16, 2007 "At Netflix, Victory for Voices Over Keystrokes " by Katie Hafner)

As my kids would say, DUH! How much did Netflix spend to come to that conclusion?
How many times have we all spent hours waiting on a queue to speak to a human only to find that the human had no idea what we needed or we wanted in order to solve the problem?

We have a vested interest in your being satisfied. Our clients get us as the first level in solving a problem. If we cannot figure it out, we will find the right person at the right level at the vendor(s) that can, often without taking any more of your time, saving you the headache, and later we confirm the solution has been finalized. This is one thing that separates us from our competition. Call us first, please.