Data Protection Resources
To help you manage information security and regulatory compliance
Businesses are digital storehouses of confidential and valuable information – client lists, receipts, financial statements, credit information and other confidential business and client records. All are vulnerable to theft and compromise. Identity thieves will dig through dumpsters, or stalk employees waiting to steal a laptop, external hard drive, or tape backup of confidential customer information. To combat theft and data compromise, businesses must safeguard themselves and their clients/patients.
- If data is lost, can it be restored, and how quickly?
- If a computer or smartphone escapes the company's control, is its information accessible?
- What am I legally obligated to do if data security is breached?
- How do I protect my business and our clients/patients?
Recent privacy laws hold businesses and their management liable for the confidentiality of employees' and customers' information:
- HIPAA, the Health Insurance Portability and Accountability Act, holds everyone from doctors to pharmacists accountable for protecting patient records.
- Gramm-Leach-Bliley Act holds financial advisors and institutions responsible for safeguarding customer information.
- State and Federal laws are requiring businesses to take proactive measures to protect customer and employee privacy, and to report breaches when they occur.
Establishing a comprehensive process to secure business and consumer information against threats is as important as a data backup plan that restores lost data. Each year the technology landscape evolves, and more and more data protection laws are enacted and enforced. With the stakes higher than ever, companies must assess risks, implement controls, remove gaps, and regularly update data security processes.
With DiskAgent's goal of providing comprehensive data protection, we understand your risks and actively work to provide you with the most timely information and tools to address them. Below is a list of free resources: industry legal requirements, best practices, forms, links to other resources, incident response guides, and industry-specific templates for your data protection planning.
Privacy & Confidentiality Agreements/Templates
In several industries, regulations require that service providers with access to your data sign a business associate or confidentiality agreement.
Even in non-regulated industries, such agreements help protect the technology buyer by documenting the responsibilities and quality standards your service partner employs in handling your data.
Remember that if one of your service providers has a security breach, you are obligated to notify your clients/patients.
You are as strong or as vulnerable as your service providers.
How-To Guides, Incident Response Resources, & Other Tools
These are excellent resources for learning how to implement a security breach policy, process, and response plan.
Here are some links to outside resources and businesses that we respect.