New privacy laws may have created new liability for your company. Some of the new requirements to safeguard company confidential data include, but are not limited to:
1. Appoint an Information Security Officer for your company,
2. Educate your employees by holding the required meetings on privacy and security compliance,
3. Create a mitigation plan,
4. Have a Non-Public Information Policy for your company, train your employees on it, and follow it,
5. Document all "Good Faith" measures and keep them on file as proof of your willingness to comply with these new laws.
Your company may now be liable if you lose data and are not in compliance with these new laws. Even without a breach, your company may be liable for substantial fines and penalties, which could have a negative financial impact on your business.
FACTA, HIPAA, the Gramm-Leach-Bliley Act, the New Jersey Identity Theft Law and various other laws have created bankruptcy-level exposure around your company's responsibility to safeguard data.
The FTC Red Flag Rules, which were signed into law on Jan 1, 2008, and take effect June 1, 2010, could make you directly liable for all of the vendors that have access to the sensitive data of your employees and customers.
Identity Theft Prevalent at Work
“With the workplace being the site of more than half of all identity thefts, HR executives must ‘stop thinking about data protection as solely an IT responsibility,’ says one expert. More education on appropriate handling and protection of information is necessary, among other efforts.”
“ID Thefts Prevalent at Work”, Human Resource Executive, April 5, 2007
The Cost to Businesses
- Employees can take up to 600 hours, mainly during business hours, to restore their identities.
- “If you experience a security breach, 20 percent of your affected customer base will no longer do business with you, 40 percent will consider ending the relationship, and 5 percent will be hiring lawyers!”*
- “When it comes to cleaning up this mess, companies on average spend 1,600 work hours per incident at a cost of $40,000 to $92,000 per victim.”*
*CIO Magazine, The Coming Pandemic, Michael Freidenberg, May 15th, 2006
Our company can assist you in making a reasonable attempt to comply with many of these new laws and at no cost to your business. We may even be able to assist your company in mitigating some of the potential liabilities you may have under these new laws.