Keep all documents containing personal information of your clients, customers, and employees under lock and key.
When personal information is held within a computer, ensure that it can only be accessed and tracked by authorized personnel using passwords and is protected with an appropriate level of security/fire walls. When the information has been transferred to the computer, any handwritten information should be shredded.
Shred the customer's personal or account information and receipts before discarding them. Consider keeping shredders within reach of those employees who handle personal/account information on a regular basis.
Create policies to restrict the handling of customer information to a limited number of employees.
Customer personal information such as credit applications, sales receipts/carbon copies should not be temporarily kept within reach of the casual observer. This will help to deter theft by criminals or corrupt employees. Provide a secure receptacle for employees and citizens to throw out applications/receipts or provide informational signs advising them not to carelessly discard these documents.