‪(480) 285-8227 dave@dealercomply360.com

Clean Desk Policy

Purpose:
The purpose of this Clean Desk Policy is to promote a secure and professional work environment at [Dealership Name] by ensuring that sensitive information and valuable assets are protected from unauthorized access, theft, or loss.

1. Scope

This policy applies to all employees, contractors, and vendors who work at or visit [Dealership Name] and have access to physical or electronic sensitive information, including but not limited to:

  • Customer Non-Public Personal Information (NPI).
  • Financial documents.
  • Proprietary business records.

2. Policy Statement

All employees are responsible for maintaining a clean and organized workspace to protect sensitive information and ensure compliance with privacy, data security, and regulatory standards.

3. Requirements

3.1 During Work Hours

  • Minimize Display of Sensitive Information:
    • Keep sensitive documents, files, or electronic devices out of public view unless actively working on them.
    • Lock computer screens when stepping away from the desk, even briefly.
  • Secure Shared Spaces:
    • Avoid leaving sensitive information unattended in shared work areas, such as break rooms, conference rooms, or service counters.

3.2 End-of-Day Procedures

  • Clear the Desk:
    • At the end of each workday, employees must remove all sensitive documents, files, and devices from their desks.
    • Store items securely in locked drawers, cabinets, or designated storage areas.
  • Secure Physical Assets:
    • Lock up laptops, mobile devices, or any other company-owned equipment.
  • Dispose of Unneeded Documents:
    • Shred sensitive documents that are no longer required for business purposes using a cross-cut shredder or approved shredding service.

3.3 Handling Customer Information

  • Limit Physical Copies:
    • Print sensitive customer information only when necessary.
    • Immediately file or store printed materials in secure locations.
  • Transport Safely:
    • When removing sensitive documents from the premises, ensure they are transported securely (e.g., in locked cases or envelopes).

4. Employee Responsibilities

  • All employees must:
    • Adhere to this policy and encourage others to follow it.
    • Report any observed violations or risks to their manager or the Compliance Officer.

5. Monitoring and Enforcement

  • Regular Audits:
    • The Compliance Officer or designated personnel will conduct periodic audits to ensure adherence to the Clean Desk Policy.
  • Violations:
    • Employees found in violation of this policy may face corrective action, including additional training, disciplinary measures, or termination.

6. Training

  • Provide all employees with training on the importance of maintaining a clean desk environment and how it ties into broader data security efforts.

7. Prohibited Practices

Employees must not:

  • Leave sensitive documents or equipment unattended or in plain sight.
  • Use personal storage solutions (e.g., backpacks, purses) to store company-sensitive materials without authorization.
  • Dispose of sensitive documents in general trash bins.

8. Policy Review and Updates

This policy will be reviewed annually and updated as necessary to ensure alignment with changing security requirements, regulations, and dealership practices.

Acknowledgment
I acknowledge that I have read and understand the Clean Desk Policy and agree to comply with its provisions.

Employee Signature: ___________________________
Date: ___________________________

Manager Signature: ___________________________
Date: ___________________________

This Clean Desk Policy ensures a secure and professional workspace, supports regulatory compliance, and reduces the risk of data breaches or theft. Let me know if you’d like further customization or integration into a broader security framework!