Articles

Alan Friel Lists "10 Steps to Build a Privacy and Security Program" in Corporate Compliance Insights

Articles / September 24, 2013

Partner Alan Friel authored an article for the Sept. 24, 2013, issue of Corporate Compliance Insights headlined “Data Hygiene Part of Corporate Compliance – 10 Steps to Build a Privacy and Security Program.” In it he outlines the general process of developing a good data privacy and security compliance program and lists these 10 steps businesses should take:

  • Identify the information assets and practices.
  • Conduct an assessment.
  • Identify responsive measures.
  • Establish responsibility.
  • Implement the measures and monitor the operation and effectiveness of the program.
  • Consider insurance.
  • Regularly reassess the program.
  • Address education and training.
  • Address the data in the hands of third parties.
  • Prepare for the event of a security breach.

Read the full article (subscription required).

 

Blog

In The Blogs

Previous Next
Data Privacy Monitor
Just How Far Does California’s New IoT Security Law Reach?
September 13, 2019
On January 1, 2020, California’s new Internet of Things (IoT) Security Law goes into effect. The law is the first IoT-specific security law in the United States and, simply put, requires all IoT devices sold in California to be equipped...
Read More ->
Data Privacy Monitor
Less Than a Month to Go Until Nevada Privacy Law Effective Date
By Alan L. Friel, Shea M. Leitch
September 12, 2019
As discussed in our previous blog post on the topic, Nevada’s amendments to its privacy law are set to go into effect Oct. 1, 2019. Less comprehensive in scope than the much-heralded CCPA, the Nevada privacy law amendment has received...
Read More ->
Data Privacy Monitor
Risk Management Strategies to Reduce Risk Associated with Telehealth
By Paulette M. Thomas
September 11, 2019
The use of technology to provide healthcare has existed for decades; however, recent advances in technology and changes in reimbursement have increased the prevalence of telehealth for diagnosing and treating patients. Telehealth is an...
Read More ->
Data Privacy Monitor
Summer Is Over – It's CCPA and NV Crunch Time
By Alan L. Friel
September 9, 2019
It is less than 120 days until California’s ground-shifting new privacy regimen – the California Consumer Privacy Act (CCPA) – goes into effect. There is only a week left for the Legislature to pass the handful of amendment bills that...
Read More ->
Data Privacy Monitor
Maryland Insurance Administration Issues Breach Notification Bulletin
By Patrick H. Haggerty
September 4, 2019
On Aug. 29, 2019, the Maryland Insurance Administration (MIA) issued Bulletin 19-14. The purpose of the bulletin is to inform insurers, nonprofit health service plans, health maintenance organizations, managed care organizations, managed...
Read More ->