How are Businesses Preparing for Proposed Federal Data Privacy Legislation? Part Two: Conduct a Data Assessment and Address Risks
This is the second part in a series discussing the actions that companies can take to prepare for potential data privacy legislation. Part One summarizes and discusses recently proposed data privacy legislation.
This post, Part Two, briefly reviews how a data privacy assessment can help businesses proactively address potential compliance issues as these legislative options are addressed to minimize the risk of legal noncompliance.
Although the future of data privacy legislation is unclear, the only thing certain is change. In addition to actively monitoring legislative proposals, businesses hoping to shore up their data privacy and security posture should conduct a data privacy and security assessment with the help of a professional who understands current data privacy and security laws and how those laws are changing.
As part of the assessment, well-positioned businesses will at minimum complete a data inventory detailing the information that the business collects and holds, how the data is transferred, and who has access to it. Based on that inventory, the business can take steps to address both internal and external risks with internal policies and plans like an incident response plan, addressing third party vendor risks through contract or otherwise, IT solutions, and reassessing its cyber liability insurance.
Companies familiar with GDPR (General Data Protection Regulation) compliance might have already considered these steps, but many US companies that have not worked toward GDPR compliance would benefit from them too. Although these policies and procedures will require updating as laws change, they can and should be drafted to be adaptable.
Please contact a Foster Swift business attorney if you are interested in preparing for future legislation, assessing your company’s data privacy and security situation, or minimizing the risks associated with data breaches and noncompliance.
Taylor helps businesses and business owners solve and prevent problems as a member of Foster Swift's Business and Tax practice group. He handles business formation and transactions, tax controversies, employee benefits, and technology related issues.View All Posts by Author ›
- Fraud & Abuse
- Entity Selection, Organization & Planning
- IT Contracts
- Cloud Computing
- Venture Capital/Funding
- Radio Broadcasts
- Employee Benefits
- Intellectual Property
- Personal Publicity Rights
- Did you Know?
- Digital Assets
- Domain Name Registration
- Social Media
- Tax-Exempt Organizations
- Electronic Health Records
- Trade Secrets