The Federal Trade Commission (FTC) has published an updated version of its Protecting Personal Information: A Guide for Business.
A sound data security plan is built on 5 key principles:
- TAKE STOCK. Know what personal information you have in your files and on your computers.
- SCALE DOWN. Keep only what you need for your business.
- LOCK IT. Protect the information that you keep.
- PITCH IT. Properly dispose of what you no longer need.
- PLAN AHEAD. Create a plan to respond to security incidents.
Most companies keep sensitive personal information in their files—names, Social Security numbers, credit card, or other account data—that identifies customers or employees.
This information often is necessary to fill orders, meet payroll, or perform other necessary business functions. However, if sensitive data falls into the wrong hands, it can lead to fraud, identity theft, or similar harms. Given the cost of a security breach—losing your customers’ trust and perhaps even defending yourself against a lawsuit—safeguarding personal information is just plain good business.
Some businesses may have the expertise in-house to implement an appropriate plan. Others may find it helpful to hire a contractor. Regardless of the size—or nature—of your business, the principles in this brochure will go a long way toward helping you keep data secure.
If you or your business have questions or concerns regarding fraud, computer law, privacy, or cybersecurity law matters, including assistance with policies, prevention or recovery from a ransomware attack and cybersecurity insurance or insurance claims, contact attorney Jeffrey A. Franklin at Prince Law Offices.