In the last few years, at least 44 states have adopted information security breach notification laws requiring businesses to notify their customers if their private, personal information (such as credit card numbers, social security numbers, and drivers license numbers) has been improperly acquired and could be used inappropriately.
Generally under these laws, if information has been encrypted and cannot be read without decrypting the information, no notice is necessary, but otherwise, you must notify your customers that the security of their data has been breached. Significant fines can also result.
Needless to say, such a breach can be expensive and can ruin your business's reputation and alienate your customers. In order to be prepared to respond under these laws, you need to take steps:
• Protection and Prevention – avoid the breach if at all possible
• Preparation for Notification – be ready with your response procedures
• Notification – know what to do when you must notify
Lewis Creek Systems can help you understand what these laws mean and what you should do to be prepared to answer to them. We can help you establish the information security management process that will help you prevent breaches in the first place, and respond properly if they do take place.
Contact us today to find out more about these laws and how they apply to you, and to ask how we can help you be prepared to deal with the worst.
Go to the Services Overview