“Reasonable” Security: The FTC Requires It, But What Is “Reasonable” Security?

more+
less-

The Federal Trade Commission (FTC) has taken more than 25 actions alleging that inadequate information security constituted an unfair trade practice in violation of the FTC Act. In these enforcement actions, the FTC has targeted corporations for failure to implement “reasonable and appropriate security measures” and requires in the subsequent consent orders that the organizations implement a comprehensive written information security program and submit to thirdparty assessments of that program every other year for the duration of the order (usually 20 years).

But what does “reasonable security” really mean? And more important, how do you apply reasonable security measures to your business? Although you can rely to some extent on technology standards and industry best practices, information security law has evolved to a point where case law and FTC enforcement actions are a source of some suggestions.

Please see full alert below for more information.

LOADING PDF: If there are any problems, click here to download the file.

Written by:

more+
less-

Poyner Spruill LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×
Loading...
×
×