It is increasingly common for businesses to retain vast amounts of data and information about their customers and clients. Whenever a business stores the personal information of their customers and clients, that business has an obligation to store such information securely.
The duty to secure customer data is more than a moral obligation, but a legal one. Several laws have been passed to require businesses to develop security plans, including the Gramm-Leach Bliley Act (GLBA) for businesses in the financial sector and the Health Insurance Portability and Accountability Act (HIPAA) for businesses in the health care sector. Both the GLBA and HIPAA require businesses of all sizes to maintain formal security programs that implement administrative, technical and physical safeguards for the storage of customer information.
Businesses that are not subject to either the GLBA or HIPAA can still be required to develop a written security program. If your business maintains any personal information on a resident of Massachusetts, under Massachusetts law, your business must develop and implement a comprehensive written information security program. Your business does not need to be based in Massachusetts to be subject to the law.
The attorneys at Meyerson, Fox, Mancinelli & Conte, P.A. work with small and medium sized businesses to develop data security plans that are specifically tailored to their individual needs and circumstances. In addition to developing data security plans, our attorneys review vendor agreements to ensure that they properly address the security of customer data.
Data security is not just a concern for Target and Home Depot. Protecting customer data is an obligation for every business, no matter its size. To learn more about how our attorneys can help your business secure customer and client data, contact us today.