Data security is a hot global topic right now. New laws that closely regulate data security practices seem to be popping up everywhere in order to account for all of the data people transmit electronically daily. Attorneys have been tightening their practices to protect confidential data and advising their clients to do the same. However, some organisations may not be aware that they could be liable for data breaches perpetrated by their employees – even in seemingly unrelated situations.
Everyone knows about the General Data Protection Regulation (GDPR). The GDPR is the EU’s new privacy regime in the region. Over a year has passed since its implementation and organizations are discovering how strict EU countries will enforce the law. One main provision of the GDPR is for organizations to have security measures in place that will safeguard private consumer data. read more
In 2018, 1,244 data breaches occurred in the U.S. with over 445.6 million records exposed with a cost of $654 billion. Lawyers make a promise to safeguard confidential client data when they enter into an attorney-client relationship. Today’s digital world means taking extra steps to ensure the security of data that lawyers text/email, save to the cloud, or otherwise electronically transmit. But what happens in the unfortunate event of a cyber-attack? Every state has a data breach notification statute that outlines when and how to notify individuals about compromised data. While this and other laws may apply, lawyers also have unique ethical duties to perform regarding data privacy. Failure to fulfill these ethical duties can result in disciplinary actions such as license suspension.
According to Interactive Advertising Bureau, U.S. firms spent nearly $19.2 billion on third-party audience data & data-use solutions in 2018, up 17.5% from 2017. One of many reasons why California’s new data security legislation, the California Consumer Privacy Act (CCPA), has generated a lot of buzz since its enactment in June 2018.read more