Recently we sent a questionnaire to our clients and friends asking what topics they wanted to hear about in the world of IT. We received several responses and to cover them all we’re starting a newsletter and post series called Looking Out where we look to answer your questions about IT topics. To start, the number one topic from our fanbase was “What Cyber Security laws apply to me and what do I need to do about it?” With the overwhelming interest in it, we figured we’d start there.
We are publishing a series of small and informative articles covering some frequently asked questions we get around cyber data laws. We promise to keep it brief: exclude the commercials, and leave out techno speak. As the articles will stay short, chances are we won’t answer all of the questions you might have. If there’s something you want to know more about, feel free to reach out and ask us a question at info@systemsupport.com or call us at 781-837-0069 and we’ll get you a solid answer.
Look for our upcoming posts on LinkedIn and our other social media platforms., and of course, the articles will be at our website https://www.systemsupport.com
We are writing from the perspective of a Business Person, Owner or Professional that needs to maintain and secure information about their employees, clients, and vendors. As data laws vary from state to state, we’ll focus on our home state of Massachusetts.
We are not attorneys, nor do we portray one on the internet. Our articles are intended to inform, and NOT to provide legal advice. We encourage you to contact an attorney for any legal advice.
Like everything else in our adult lives, ignorance is not an excuse, and the consequences can be quite severe. We will try to help you make sure that you are aware of what laws out there may apply to you and how to prepare and be proactive in taking steps in the right direction
Why All The Fuss?
Cybercrime is by far the #1 crime in the world these days, and even several countries are being accused of Cybercrimes being practiced by their government, no less. The tools and techniques they use now are so good that everyone is “on the radar”, regardless of size or revenue. For the average individual, Identity Theft is becoming the crime that will most likely affect them in their lifetime.
To respond to the rise in cybercrime and the theft of identities and personal information, governments enacted cybersecurity laws to have businesses take steps to protect the information. The primary goal of cyber security laws is to protect the personal information of individuals and corporations. Personal Information (PI) is usually defined as related to Health (Medical records) and Finance (Social Security Numbers, Bank Accounts, Loans and Credit Cards, and in some cases online account information, i.e. Facebook Accounts, Twitter, etc.). It’s important to note that different laws classify personal information and sensitive information based on various criteria including combination of certain pieces of information and what someone can do with that information. We’ll cover later how sensitive and personal information defined across the different requirements.
How do we respond?
With everything going online these days, many government entities, from Federal Agencies to the State of Massachusetts, have set forth standards and statutes for businesses and professionals to follow to ensure that Personal Information is protected from unauthorized use. Most of these standards are reasonable and most businesses can comply with minimal expense. Almost all standards require the Business or Professional to maintain documentation on their practices related to using and securing Personal Information. After all, the law loves paperwork!
Coming Up
We’ll talk more specifically about the different standards and statutes for Personal Information and which ones may apply to you.
The Consequences of the Law
Best practices for using and protecting Personal Information
Thanks for taking the time to join us. We are confident that with some planning, implementation, and documentation, you will take steps in the right direction to protect Personal Information and keep the paper trail to prove it.