The federal and state laws governing data privacy exact severe penalties on organizations that do not implement appropriate data security measures. Make sure you know what’s at stake.
AvMed recently paid $3.5 million to settle a data breach lawsuit in which class members could not prove actual damage. Will your organization be next? Plaintiffs’ lawyers, as well as federal and state governments, are likely to file “unjust enrichment” claims against organizations that do not ensure safe transmission and storage of personal data. Whether your organization handles financial or medical data, the price of IT compliance may be high, but the price of non-compliance is even higher.
Several data security laws may apply to your business, depending on the type of information you collect and store. These laws impose penalties on companies that fail to protect customer or employee data from unauthorized access or disclosure.
Some of the most common data security laws include:
1. Gramm-Leach-Bliley Act (GLBA)
2. Health Insurance Portability and Accountability Act (HIPAA)
3. Payment Card Industry Data Security Standard (PCI DSS)
4. Sarbanes-Oxley Act (SOX)
5. Children’s Online Privacy Protection Act (COPPA)
6. Federal Trade Commission Act
7. The USA PATRIOT Act
The Bottom Line:
Businesses must comply with a number of data security laws, depending on the type of information they collect and store. Failing to comply with these laws can result in significant penalties. Businesses should consult an experienced attorney to ensure they comply with all applicable laws.
Medical ITG can help you navigate the complex web of data security laws and ensure you are in compliance with all applicable regulations. Contact us today for more information.
Read more: https://pro.bloomberglaw.com/brief/data-privacy-laws-in-the-u-s/