Data Protection and Privacy Law
Data protection and privacy law involves the relationship between the collection and dissemination of personal data and sensitive information. Data protection and privacy issues exist wherever personally identifiable or sensitive information is collected and stored. One of the main challenges to managing a business today is the growing list of laws in this area. With the dramatic rise in identity theft, data breaches and cybercrimes, data protection and privacy laws have been popping up at both the state and federal level. Businesses must be aware of these laws and comply with them. We can help your business in managing the risks associated with data protection and privacy laws by counseling you in many areas, such as:
- How data protection laws apply to your organization;
- How sensitive information should be collected and stored;
- Risk assessments to determine privacy and data protection gaps;
- Data breach notification laws and properly responding to data breaches;
- Developing and implementing awareness, education and training strategies;
- The Gramm-Leach-Bliley Act and other laws that apply to data collection and protection;
- The legal issues surrounding outsourcing personal data processing operations; and
- Developing and implementing a compliance program.
Every business handling sensitive information, including customer or employee data, should be concerned about safeguarding the privacy and security of the information. All employees who deal with sensitive information need to be aware of the laws, rules and legislation surrounding data protection and privacy rights. Complying with these laws requires awareness by your staff as well as a culture that encourages secure data handling practices. Many data breaches occur through a lack of awareness or cultural inertia about data protection. The consequences of a breach in data protection and privacy laws could include fines, lawsuits and bad PR.