Every business collecting, using, maintaining, or storing electronic data is at risk for a security incident.
Southlake, TX (PRWEB) January 28, 2014
The National Cyber Security Alliance created Data Privacy Day, an annual event on January 28th. as an international effort to empower and educate people and organizations to respect privacy, safeguard data and enable trust.
“Every business collecting, using, maintaining, or storing electronic data is at risk for a security incident. Even those companies who have implemented the most advanced security initiatives are not immune from data breaches, but all businesses must do more to minimize the risks, said Robert J. Scott, Managing Partner, Scott & Scott, LLP, with a practice area focus on privacy and security. Companies should have a data breach plan in place to prepare for and mitigate the liability, costs, and brand-damage associated with data security incidents.
Small to mid-size businesses have generally been considered more vulnerable to data breach attacks than large enterprises, but as the massive Target, Neiman Marcus, and now possibly Michaels Stores (as reported in PCWorld on January 27th) indicates, all businesses are susceptible. Reuters reported on January 23rd that the FBI has warned retailers that they should prepare for more cyber attacks after discovering about 20 hacking cases in the past year that involved the same kind of malicious software used against Target. However retail is not alone. It’s unusual not to read a headline reporting a breach in financial, healthcare, social networks, social media, and government agencies.
Scott & Scott, LLP recommends companies:
(a) Implement preventive measures to minimize the threat of a notice-triggering event including privacy policies a procedures, ongoing privacy training, and proactive technology measures such as data encryption
(b) Hire expert counsel or forensics services to investigate the incident
(c) Have cyber security insurance
(d) Know appropriate breach notification requirements and what immediate remedial action to implement in accordance with the law
(e) Minimize the legal liabilities, damage to reputation, and costs associated with data breach by taking appropriate action within statutorily required timeframes
(f) Avoid over or under-reporting the incident.
“After a security incident occurs, time is of the essence”, continued Scott.
About Scott & Scott, LLP
Scott & Scott, LLP is an intellectual property and technology law firm dedicated to helping senior executives assess and reduce the legal, financial, and regulatory risks associated with information technology issues. An innovative approach to legal services, Scott & Scott, LLP believes that collaboration between legal and technology technology professionals is necessary to solve and defend against the complex problems our clients face, including privacy and network security, IT asset management, software license compliance, and IT transactions. Legal and technology professionals work in tandem to provide full-service representation. By combining these resources, Scott & Scott, LLP is better able to serve clients’ needs than law firms and technology services firms working independently of one another.
Visit Scott & Scott, LLP online at http://www.scottandscottllp.com