If the US experience is any guide, security of customers’ personal information is not generally effective.
Since 2003 California law requires notice of security breaches and other US states followed.
The Privacy Rights Clearinghouse has A Chronology of Data Breaches Reported Since the ChoicePoint Incident. It records data breaches which have been reported because the personal information compromised includes data elements useful to identity thieves, such as Social Security numbers, account numbers, and driver’s license numbers.
The list identifies a range of ways in which data has been lost or stolen. Would your security prevent similar breaches?