A step-by-step guide to addressing corporate data privacy and security (Part 1)

Identifying a security team, cataloging company data, and evaluating you company's unique risks

What do you do when you learn that your company’s server has been hacked and untold quantities of data stolen? What do you do when you learn of a glitch in an app your company sells that gives malware easy access to data on devices on which the app has been loaded? What do you do when a company laptop or mobile device has been stolen? What do you do when an employee receives unsolicited email, clicks on a link in the email, and installs malware on a company computer?

If your organization has a website, collects, stores, or processes sensitive data, or uses smartphones, tablets, email, social media, cloud-based services, or laptops, and it lacks a plan to address scenarios such as these, then it is time to remedy the lapse by developing a data privacy and security program. While observers recognize it is nearly impossible to create a digital Fort Knox impervious to breach, it is clear that taking substantial, meaningful steps to assess and protect sensitive data will go a long way toward minimizing risk of loss and liability for data breaches.

Contributing Author

author image

Todd C. Toral

Todd C. Toral is a partner with DLA Piper LLP (US) in San Francisco, where he litigates complex business disputes in state and federal courts...

Bio and more articles

Contributing Author

author image

Kathleen S. Kizer

Kathleen S. Kizer is an attorney with DLA Piper LLP (US) in San Francisco, where she litigates complex commercial disputes in state and federal courts...

Bio and more articles

Join the Conversation

Advertisement. Closing in 15 seconds.