The Chambers Group
Your Subtitle text

Data Safeguarding


Is Your Company Keeping Information Secure?


Are you taking steps to protect personal information?  Safeguarding sensitive data in your files and on your computers is just plain good business.  After all, if that information falls into the wrong hands, it can lead to fraud or identity theft.  A sound data security plan is built on five key principals:
  • Take stock.  Know what personal information you have in your files and on your computers.
  • Scale down.  Keep only what you need for your business.
  • Lock it.  Protect the information in your care.
  • Pitch it.  Properly dispose of what you no longer need.
  • Plan ahead.  Create a plan to respond to security incidents.

_________________________________________________________________________________________________________


IMPORTANT LEGISLATION

  • FACTA and FACTA Red Flags Rule
  • Fair Credit Reporting Act
  • HIPAA Security Rule
  • Gramm, Leach, Bliley Safeguard Rules
  • Individual State Laws regarding Privacy, Data Loss and ID Theft
Civil and Criminal liabilities can range from $1,000 to $1 Million in fines and
penalties which may include jail time up to 10 years for executives


Be sure to check with your attorney on how these laws may specifically apply to you.

_________________________________________________________________________________________________________

American Bar Association Journal (ABA)
"Stolen Lives"        March 2006
 
Betsy Broder of the FTC: 
     -The FTC will act against companies that
      don't protect customers' data.

                                             
"...all business should look to that law for guidance on how to protect consumer data.  At a basic level, she says, that means businesses need to have a plan in writing describing how customer data is to be secured and an officer on staff responsible for implementing that plan.
Many large businesses entrust such planning and execution to a chief technical officer or chief privacy officer.  Broder says she understands that most small businesses cannot be expected to hire a full-time privacy specialist, but she adds that all businesses must be able to show they have a security plan in place.
'We're not looking for a perfect system,' Broder says.  'But we need to see that you've taken reasonable steps to protect your customers' information.'"
                                                                           -"Stolen Lives", ABA Journal, March 2006

_________________________________________________________________________________


HR Data Breaches Can Leave Holes In Corporate Pockets
This article includes tips for business owners and managers
on limiting  employee's identity theft risk and company liability.
click here

 
To view a list of U.S. Companies that
have reported data breaches since January 2005,
click here


________________________________________________________________________________________________________


DISCLAIMER
The laws discussed in this information are, like most laws, regularly amended and interpreted through legal and social challenges.  You are encouraged to review the laws and draw your own conclusions through independent research.