Privacy and Data Security Best Practices—And Why They’re Good for BusinessNews | April 24, 2014
L. Elise Dieterich, an attorney with Kutak Rock, presented an educational seminar, “Privacy and Data Security Best Practices—And Why They’re Good for Business” on Thursday, April 24, 2014. Held in conjunction with Commercial Law WebAdvisor, this webinar provided in-house counsel, corporate attorneys, technology attorneys and employment attorneys the tools to better protect their organizations' private data.
Privacy and Data Security Best Practices—And Why They're Good For Business (seminar event details)
This seminar covered seven keys to better protect the private data held by business organizations:
How to identify private information that needs to be protected
Simple steps to contain sensitive information
The five basic steps for managing data security risks
The state and federal privacy laws businesses may need to comply with
How to develop a privacy compliance plan
Why addressing privacy in employee training and vendor contracts is crucial
The key steps to take to respond to a data breach
Businesses and 'Data Hygiene'—The Background Story:
Businesses collect, use, store, buy, sell and manage an ever-increasing quantity of sensitive information about their customers and employees. While most recognize that loss or misuse of this information can subject them to significant legal liability—not to mention reputational harm—many are in the dark about how best to address the ever-growing list of privacy and data security rules. Inadequate privacy and data security procedures can create needless risk and potential legal liability.
The good news is that establishing good “data hygiene” practices need not be difficult or unduly complex. By following a few simple rules, businesses can protect themselves and the sensitive information they hold, often without significant additional expenditures. The first step is to understand the risks and your business's compliance obligations.
Simple steps, such as collecting only the information necessary, and securely destroying information when it is no longer needed, can dramatically decrease exposure to privacy and data security concerns and risk. Once an organization understands how and why it needs to protect private information, developing a compliance plan, training employees to follow it, and ensuring that vendor contracts contain the proper protections become achievable. And, in the event the worst occurs (and it will), advance planning enables businesses to respond to a data breach swiftly and appropriately, limiting the legal, financial and reputational damage.
To learn more about this topic or future seminars covering the legal aspects of privacy and data security, please contact Elise Dieterich or your Kutak Rock attorney in the Privacy and Data Security Practice Group.