You are here

Cybersecurity and the Importance of Data Privacy

Cybersecurity and the Importance of Data Privacy

Cybersecurity — especially data privacy — is one of the biggest problems facing businesses today. These security problems are compounded because every segment of every industry is affected differently, and each is subject to the risk factors peculiar to that segment. Grouping similar data together based on chosen parameters allows businesses to assess the privacy needs of each data segment they are holding. For example, the protections for public data don't have to be as stringent as the protections for private data.

Protecting the privacy of the data with which they are entrusted is a universal business goal. The best way to get started is to answer the following questions:

  • What types of data does your business have (e.g., credit card information, health information, criminal history, biometrics)?
  • Which departments have access to that data?
  • Who are your data service providers and what are their credentials?
  • Which personnel can access the data?
  • What steps has your company taken to protect the data (e.g., encryption, back-up, internal controls)?

Federal and International Regulations

The United States has no federal law protecting data privacy. A number of states, however, are responding: at least 31 states have already established laws regulating the secure destruction or disposal of personal information. At least 12 states — Arkansas, California, Connecticut, Florida, Indiana, Maryland, Massachusetts, Nevada, Oregon, Rhode Island, Texas and Utah — have imposed broader data security requirements. Other states, including New York, are considering legislation.

California is a pioneer on the data privacy front. The California Consumer Privacy Act of 2018, which goes into effect on January 1, 2020, is similar to the General Data Protection Regulation (GDPR). Companies that do business in California will be affected by this legislation.

At least some of the activity at the state level is in response to the European Union's enactment of the GDPR. Any company doing business in a nation that has adopted the GDPR must comply with its consumer protections regarding data privacy. The GDPR covers many types of data, including the following:

  • Personally identifiable data (e.g., names, addresses, date of births, Social Security numbers)
  • Web-based data (e.g., user location, IP address, cookies, and RFID tags)
  • Health (HIPAA) and genetic data
  • Biometric data
  • Racial or ethnic data

The bottom line is that U.S. businesses operating in multiple jurisdictions must consider these categories, as well as any other categories pertinent to their industry, as they segment the data they are holding. Understanding the data they hold is essential to instituting the right level of privacy safeguards.

Three Steps to Securing Your Data

Understanding your data is the first step to securing data. The second step requires knowing the relevant laws and regulations your business must comply with.

The third step is to stay alert for any indications of a breach. The sad truth is that many data breaches go on for quite a while before they are discovered. The time lapse between hack and discovery allows hackers to continue accessing vulnerable data. That makes constant monitoring an important aspect of any data security program. Watching for the signs of a breach — such as an unanticipated spike in bandwidth usage — can indicate a problem.

By following these three steps, businesses can be sure they are doing their best to protect the data they and their data service providers hold.

Our firm provides the information in this e-newsletter for general guidance only, and does not constitute the provision of legal advice, tax advice, accounting services, investment advice, or professional consulting of any kind. The information provided herein should not be used as a substitute for consultation with professional tax, accounting, legal, or other competent advisers. Before making any decision or taking any action, you should consult a professional adviser who has been provided with all pertinent facts relevant to your particular situation. The information is provided "as is," with no assurance or guarantee of completeness, accuracy, or timeliness of the information, and without warranty of any kind, express or implied, including but not limited to warranties of performance, merchantability, and fitness for a particular purpose.

Copyright © 2018 IndustryNewsletters. All rights reserved.

Other Blog Articles

Wage and Hour Implications of Daylight Saving Time

Daylight Saving Time (DST) is the practice of pushing the clock forward 1 hour during the summer so that daylight in the evening lasts longer. Each year, DST starts on the second Sunday of March and ends on the first Sunday of November.

How to Provide Vacation and Sick Time

Both company owners and employees may often find it hard to believe that there's no federal law requiring a business to provide paid holidays, vacation or sick leave.

Does Every Company Have To Be An Equal Opportunity Employer?

While few would disagree that every company should be an equal opportunity employer, the many federal laws that ensure equal opportunity don’t apply to some smaller employers. 

The 7 Reasons to Hire an Accountant

When it comes to managing your finances, you may feel like you've got a good handle on your money. You know your income and track your expenses, so why pay someone to do what you're already doing, right?

EEOC Final Rules on Wellness Program Incentives

On May 17, 2016, the Equal Employment Opportunity Commission (EEOC) issued final regulations under the Americans with Disabilities Act (ADA) and the Genetic Information Nondiscrimination Act (GINA), allowing employers to offer employees up to a 30 percent incentive for disclosing ADA- and GINA-pr

Pages

How can we help?

Let Autopaychecks provide you with a single solution to managing payroll, human resources, time tracking and employee benefits.

Phone: 970-245-4244
Email: info@autopaychecks.com

Autopaychecks, Inc.

Providing payroll, human resources, time tracking and benefits solutions for small-to-mid-sized companies.

iSolved Solutions from Autopaychecks
iSolved Network Certified Partner