Articles

Alan Friel Lists "10 Steps to Build a Privacy and Security Program" in Corporate Compliance Insights

Articles / September 24, 2013

Partner Alan Friel authored an article for the Sept. 24, 2013, issue of Corporate Compliance Insights headlined “Data Hygiene Part of Corporate Compliance – 10 Steps to Build a Privacy and Security Program.” In it he outlines the general process of developing a good data privacy and security compliance program and lists these 10 steps businesses should take:

  • Identify the information assets and practices.
  • Conduct an assessment.
  • Identify responsive measures.
  • Establish responsibility.
  • Implement the measures and monitor the operation and effectiveness of the program.
  • Consider insurance.
  • Regularly reassess the program.
  • Address education and training.
  • Address the data in the hands of third parties.
  • Prepare for the event of a security breach.

Read the full article (subscription required).

 

Blog

In The Blogs

Previous Next
Data Privacy Monitor
Deeper Dive: GLBA-Regulated Financial Institutions Reduce Your Cybersecurity Risk With Rigorous Oversight of Third-Party Service Providers
May 8, 2019
Financial institutions that are subject to the Gramm-Leach Bliley Act (GLBA) can find practical tips that address their unique data security challenges in the 2019 Data Security Incident Report (DSIR). It appears that money remains a...
Read More ->
Data Privacy Monitor
Deeper Dive: Security Incident Mitigation Strategy: Effective Negotiation of Technology Contract Limitations of Liability
May 7, 2019
There is always significant negotiation around caps on liability when negotiating a contract with a technology vendor. If the vendor will have access to the personal information of its customers’ end users (regardless of whether the end...
Read More ->
Data Privacy Monitor
Washington Privacy Act Dies in the House While California Continues to Consider Refinements to the CCPA
By Shea M. Leitch, Niloufar Massachi
May 6, 2019
After passing the Senate nearly unanimously, the Washington Privacy Act (SB 5376) has stalled in the House of Representatives. The bill failed to achieve passage out of committee by the April 17 deadline for consideration of bills...
Read More ->
Data Privacy Monitor
‘Apparent Inconsistency' in HITECH Language Leads HHS OCR to Significantly Decrease Yearly Fines
By Aleksandra Vold
May 2, 2019
On April 26, 2019, the U.S. Department of Health & Human Services (HHS) issued an announcement that the annual penalty cap for three of the four tiers of HIPAA violations would be reduced significantly to match what HHS called a “better...
Read More ->
Data Privacy Monitor
California Assembly Privacy Committee Votes in Favor of Advancing CCPA Amendments
By Alan L. Friel, Niloufar Massachi
April 30, 2019
Last Tuesday, the California Assembly’s Committee on Privacy and Consumer Protection (Assembly Privacy Committee), which has jurisdiction over matters related to privacy, the protection of personal information and information technology...
Read More ->