The federal government has not adopted comprehensive federal privacy regulation, but instead focuses privacy regulations on particular classes of information, such as protection of children, healthcare privacy, and financial privacy rules. However, most states have adopted data breach legislation. Some states require information security protections and/or contractual protections for sharing information with others. As you might expect, there are current regulations of your data, particularly if you suffer a data breach.
Due to expanding privacy laws, you should protect personal information, as follows:
- Determine what information you maintain and where it is kept.
- Determine when such information is shared with others.
- Consider whether each employee that has access to personal information needs such information to perform their jobs.
- Evaluate whether others need all of the information you are providing to them and whether they have appropriate security in place.
- Procure or update and maintain internal policies and procedures to protect such personal information.
- Procure or update and maintain a data breach response plan in accordance with the federal and state laws that apply to your business.
Important Proviso: The above material does not constitute legal advice and should not be relied on. It does not create an attorney-client relationship. Each locality has differing laws. A legal matter cannot be satisfactorily resolved without a comprehensive review and analysis of all the unique facts and laws at issue by an able attorney. Your matter may result in a loss of rights if you do not timely retain such an attorney.
Contact: If you would like to discuss this matter further in a more private forum, please feel free to contact me directly at the email address provided through my firm’s website located at http://www.BealBusinessLaw.com.