Data security breaches in the private sector have become so commonplace in the digital age that they scarcely shock or make headlines anymore — much to the chagrin and inconvenience of those whose sensitive data has been targeted. But there is much that businesses (including small law firms and solo practitioners) can do to protect their data from malicious or inadvertent loss, and the Colorado Attorney General’s Office and the Federal Trade Commission (FTC) want you to know about it. They’ve collaborated on a free pamphlet, “Protecting Personal Information: A Guide for Business” (pdf), available for download.
The pamphlet summarizes five steps an entity should take to create and maintain a data-protection plan, each step with a wealth of details within.
Take stock. Know what personal information you have in your files and on your computers.
Scale down. Keep only what you need for your business.
Lock it. Protect the information that you keep.
Pitch it. Properly dispose of what you no longer need.
Plan ahead. Create a plan to respond to security incidents.
The FTC website features an interactive tutorial instructing on these measures.
Earlier this month, we reported on related news of interest to business owners: how to safeguard a business entity’s identity against out-of-state crooks hoping to capitalize on its good credit toward malicious ends.