Does your business collect the personal information of its customers? Does it accept credit cards? Cybercrime and data security breaches are on the rise. All businesses face an increased risk of suffering a data breach. Data breaches often lead to a loss of customer good will and reputation, lawsuits, and unwanted government investigations.
Businesses should consult a privacy attorney to proactively address and mitigate these risks. There is a complex web of laws, industry standards, and contractual obligations that can apply. This ever-changing landscape creates requirements and potential liability, even if your business is unaware of them.
Massachusetts data privacy laws are among the most stringent in the country. Any business using the personal information of a Massachusetts resident must safeguard this information by establishing security measures and developing a written information security plan. A company that suffers a data breach must notify the Attorney General, the Director of the Office of Consumer Affairs and Business Regulations, and the Massachusetts resident(s) affected by the breach.
Mark A. Bross is a privacy attorney and a Certified Information Privacy Professional/U.S. (CIPP/US) with the International Association of Privacy Professionals (IAPP). He counsels clients about complying with privacy laws and preventing a data breach. This counseling includes:
- Developing privacy and information-security plans.
- Advising about ways to mitigate potential security breaches.
- Developing incident-response plans for data breaches.
- Advising about information retention and destruction policies.
- Conducting privacy analyses and audits.
- Maintaining privacy of employment and medical records.
- Providing guidance about lawful employee background checks.
- Ensuring compliance with the Payment Card Industry Data Security Standard (PCI DSS).
- Counseling about monitoring of employee communications on social-media.
- Preparing technology-acceptable use policies for employees and others granted network access.
- Drafting and assessing third-party vendor contracts.
- Class action civil litigation
- Government Investigations
- Reporting and disclosure issues
- Defending claims by payment card brands and card-issuing financial institutions
- Revising data security procedures
If you are concerned about whether your business is compliant with privacy laws, please contact Bross Law, LLC by phone or the contact form to set up your free initial consultation. All inquiries are completely confidential and will be answered promptly.
© 2014 Bross Law, LLC. All rights reserved. Attorney Advertising: Prior results do not guarantee a similar outcome.