Cyber Security Month

Every business needs to be proactive and make sure that customer data is safe and secure when it is stored and used electronically. The preliminary steps in this process include: 

  1. Assessing the type of information that you are storing;
  2. Developing a data privacy policy;
  3. Implementing the policy; and, 
  4. Review.

Assessing the information that you are storing requires you to evaluate the following issues, but not limited to: the type of information that you are storing; who needs to have access, whether to use encryption or passwords, how long will you need to have this information, and how will you destroy the information when it is no longer needed.

Developing a data privacy policy for your company is the next step. Developing a data privacy policy is more than corporate rules that answer the questions from the previous step. It needs to reflect the needs of your company and the technology that your company is using. You would need to be familiar with the applicable state and/or federal data privacy statutes and regulations. Finally, the data privacy policy needs to include the procedures that the company will take in the event that your company is hacked. 

The third step is the implementation of your policy. Implementation of your policy requires training. Also, a policy is of no use, if it is not followed. 

The fourth and final step is reviewing your data privacy policy. Reviewing your data policy should be done at least twice a year. The reason for this is not only technologies changing nature, but as your company grows, your data privacy needs will change with it. 

Although this may appear to be daunting, note that the average data breach costs a business $3.8 million dollars. Not only is it costly, but bad publicity does not help and can even generate reputational damage to a business.   

Learn more today how you can secure your customer data as well as how we can help you with developing or assessing your data privacy policies and procedures.