Company budgets are subject to many demands, and striking the right balance in that budget can be the difference between sustained growth and catastrophic failure. Nearly all businesses collect or otherwise retain personal or proprietary information. Whether you maintain trade secrets, human resources information or personal information about consumers, it is important to consider how that data should be protected. With data breaches dominating headlines, company executives should make data security a priority. Below are seven points to keep in mind when assessing whether data security is worth the investment.

It is required by law

Not too long ago, corporate executives could pay little attention to data security, devoting nominal resources to basic infrastructure designed to maximise company efficiency, with data security being a mere afterthought. Now, however, the costs of this inattentive attitude are becoming increasingly severe. For example, if your company operates in a highly regulated industry, such as financial services or healthcare, US law generally requires that you reasonably protect data. For example, the Gramm-Leach-Bliley Act requires financial institutions to safeguard sensitive financial data. Likewise, HIPAA mandates a minimum level of security for identifiable health information. Indeed, HIPAA applies not just to healthcare providers, but also to many of their service providers who process or otherwise maintain identifiable health data on behalf of those healthcare providers. These laws carry stiff penalties, and failure to comply could lead to devastating enforcement actions, penalties and lawsuits.

Jul-Sep 2016 Issue

Zwillgen PLLC