Organizations depend on data. Increasingly, that data is under siege by hackers, identity thieves and even well meaning but misguided employees.1 Worst-case scenarios like the breach of millions of customer records or large-scale theft of intellectual property that just a few years ago were unimaginable or, at the least, somewhat far-fetched, are now all too often reality. But research shows that data breaches are preventable with appropriate controls in many, if not most, cases.2 Such controls are founded on a solid information security and data protection program; strengthening your program starts with creating and maintaining a strong, comprehensive, yet accessible policy. However, the press of day-to-day demands on in-house counsel means they often lack sufficient time and resources to develop such policies. Policy development calls for specialized expertise and coordination between legal and key stakeholders, especially in highly technical areas like information security and data protection. What is required? The answer is an effective, efficient method that not only helps in-house counsel develop such policies, but also allows them to build awareness and ownership across those key employee groups whose support is critical for ongoing compliance.
To read the full article, click below.
Copyright 2012 ACC Docket.
Reprint permission granted.