Seven Questions to Assess the “Privacy Health” of Your Organization


Information about individuals is more readily available now than ever before in history, and its value both to legitimate business interests and to criminals is increasing. Storage options abound, and the trend is to store ever-greater quantities of data on ever-smaller devices, enhancing portability and increasing flexibility for out-of-office access.

The explosion of information’s value, availability, and mobility has created a corresponding escalation in risk and compliance obligations with respect to the privacy and security of that information. More than 40 states, the District of Columbia, Puerto Rico, and the Virgin Islands now require organizations to notify affected individuals when personal information has been (or is suspected to have been) subject to unauthorized access or acquisition. Those same laws often also require that government regulators be notified of the breach.

More than a dozen states mandate some form of comprehensive information security, and more than 35 regulate security of Social Security numbers. Relevant to employers’ group health plans, federal regulations mandate specific security requirements for protected health information and, more recently, breach notifications for individuals and regulators when a breach of such information occurs. Competing mandates with respect to information disposal, employee monitoring, direct marketing, and online operations also collude to create a dense, intricate, and risk-rich compliance environment.

Please see full alert below for more information.


Written by: Poyner Spruill LLP
