In recent years, there have been massive, widely-publicized data breaches,
as well as many less-publicized cybersecurity occurrences that have affected
American businesses large and small.
Today, privacy is something that all companies need to be aware of. If
you have a company, whether it’s run out of your home or located
in a large office building downtown, it is a target.
Since we cannot stop breaches and hacks from continuing, the best thing
that businesses can do is prepare themselves and be ready to recover after
experiencing a breach. What can you do?
Within your company, you need to assemble a team that knows how to handle
privacy and security matters. Depending on the size of your company, your
team should consist of representatives from different departments, not
just IT personnel.
You must take a proactive approach, and one way to do this is to assign
an employee to be responsible for the company’s privacy and security.
For examples of how others are doing it, you can look to companies who
have appointed a chief privacy officer, or a similar position.
You want to hire a trained professional who will proactively address all
of the company’s privacy issues. Whenever your company develops
any new products or services, this individual should be involved to ensure
that all privacy and security issues are properly addressed before launch.
Generally, companies refer to this approach as “Privacy by Design”
because the company addresses privacy during the development stages, not
after the product has been developed.
Taking External Steps to Protect Your Business
Externally, there are steps that can be taken as well. Businesses can prepare
themselves for a privacy breach by having legal counsel, by having a team
of specialized IT consultants, and by having a public relation’s
firm and a forensic technology firm secured before the company is breached.
As a business owner, think ahead. Know what you are going to do and who
you are going to call. For instance, if there is a privacy breach, get
your attorney on the phone immediately after discovering the breach.
Your attorney can advise you on critical steps to take, such as contacting
the Federal Trade Commission (FTC), the attorney general, or other regulators
who have jurisdiction over such matters.
As far as the FBI is concerned, we’ve found that before a company
learns of a security breach, the FBI already knows about it.
Learn more about privacy and security breaches and how they can impact
Contact our Chicago business law firm to schedule an initial