Protect Your Business from Data Security Breaches
After hearing about the many data security breaches in the past few years, you may have wondered how breaches can be prevented, either at a business you own or the ones you patronize. Though hackers are becoming more sophisticated, smaller businesses need to start with the basics if they do not have a security plan in place.
Before you even begin installing password manager and encrypting hard drives, do some research. For example, learn about the data security laws in your jurisdiction, especially if your business is in a personal information-heavy field such as healthcare. Special laws or standards for data protection may apply in your industry. Also, you may find that someone has done this before you, and there are protocols you can follow for the particular software or hardware you use.
Next, evaluate what kind and how much personal information your business has. If you find that you have medical information, Social Security numbers, or other consumer information, even for your own employees, check into relevant laws such as HIPAA. See, e.g., Health Insurance Portability and Accountability Act of 1996. Consider how you send and receive this information and how it is stored.
Once you know what kind of information needs to be protected and how the information is stored, develop a plan to protect it. For example, explain to employees why data breaches are problematic for the company. Consult an IT specialist and other experts for help locking down data on devices. When you sign contracts with other companies, consider whether a data breach could occur when you send or receive private information between your companies and incorporate that possibility into the contract by designating the steps each company will take if a data breach occurs. For example, both companies might be required to conduct an internal investigation to determine the breach’s source.
If a data breach does occur, immediately consult a lawyer and think about employing a public relations professional, depending on your company’s public exposure. You could face a lawsuit or find your business in the news as another one of those data breach headlines. Further, do not destroy evidence related to the data breach because you could be sanctioned in court for its destruction. Instead, try to identify the breach, stop the data loss, and fix the breach.
If you are worried about your business’s data security, speaking to an attorney could help allay worries and better protect your business. . Michael Leonard, Esq., of San Diego Corporate Law, named a “Rising Star” for 2017 by SuperLawyers, tailors his business law advice to individual clients and businesses. To schedule a consultation, e-mail San Diego Corporate Law or call Mr. Leonard at (858) 483-9200.