Every day it seems as though I read about another company that has suffered a data security breach. From Sony having its PlayStation network hacked to Citibank’s Visa cards being compromised to the release of files purportedly stolen from AT&T, Corporate America’s information infrastructure is under attack. There may be an important role for the legal department in helping to defeat these threats.
Data security faces a fundamental challenge: How do organizations provide employees, customers and other legitimate stakeholders access to data while, at the same time, limiting access to the “bad guys” and other non-legitimate users? Problems arise when companies do not know what type of data they have, have not defined what security and access is appropriate and where data resides. This is where the legal department’s records management and e-discovery processes can play an important role.