Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

T Minus 10,080 Minutes and Counting…..

Posted in Employee Privacy

We have just one week to go before all entities that own, store, license — or basically do anything with — personal information of Massachusetts residents must comply with the Commonwealth’s new data security regulations. Things to consider:

  • Have you done your risk assessment? Looked at what you collect and how you collect and how it is transmitted through and outside your organization?
  • Have you reached out to service providers that may have access to PI of your employees/customers?
  • Is your written information security plan in place, or at least have you started pulling together the various policies and processes (“P&P”) that would make up a “written information security plan”? Is the plan tailored to your actual P&P and, thus an accurate representation of what your business really does (and not a template with [insert company name here])?
  • Have you thought about employee security awareness training?