The Illinois insurance regulatory agency brought an enforcement action against global insurance company MetLife, Inc., for failing to properly safeguard sensitive customer information. MetLife agreed to pay $75,000 stemming from a January 2010 incident where confidential paper documents containing customer financial information were discarded in a dumpster outside of a former MetLife facility. Information included Social Security numbers, account balances, and birthdates. As part of the consent decree, MetLife must notify customers whose personal data may have been exposed and offer them a free year of credit fraud protection services.

TIP: Companies that handle sensitive customer information should ensure they have adequate safeguards and procedures in place for disposing of such information.