Follow Kara Linkedin Twitter Facebook
Email Kara Email
Legal Issues
Feb 15, 2016

Step Two Of Your Cybersecurity Plan: Collect Only Necessary Personal Data

Sponsored Content provided by Kara Gansmann - Attorney, Cranfill Sumner & Hartzog LLP

In returning to our cybersecurity series, the second of five keys to a sound cybersecurity plan considers collecting only the personal data that is necessary to your business’s needs. Recall that personal data generally includes a person’s name in combination with other identifying information.
 
The rule of thumb is that if you do not have a legitimate business need for certain personal data, you should not keep it or even collect it. If your business has a legitimate need for collecting certain personal data, the best approach is to keep that data only as long as it is necessary to conduct your business transactions and as long as the law requires.
 
A few examples for following this second step include the following:

  • Check the default settings on your software that processes transactions and credit card numbers because sometimes software is preset to permanently store information.
  • Ensure that electronically printed credit and debit card receipts contain no more than a few digits of a card number and that the expiration date is not printed.
  • Do not retain customer credit card numbers, expiration dates or other personal information gathered from the magnetic strips on credit cards without an essential business need for it. Retaining this information, or keeping it longer than necessary, increases your risk for the information to be used to commit fraud or identity theft. Once your business need is over, properly dispose of it.
  • Use Social Security numbers sparingly and only for lawful purposes like reporting employee taxes. While this advice may seem obvious, you may remember a time when your Social Security number was also your driver’s license number.
  • If your business needs or the law requires that you keep personal data, develop a written records retention policy to identify what information to keep, how to secure it, how long to keep it, and how to securely dispose of it.
Scaling down the personal data your business collects and keeps will help minimize your liability exposure in the event of a data breach.
 
Kara Gansmann, a North Carolina native, is an associate in Cranfill Sumner & Hartzog LLP’s Wilmington office, where she focuses her litigation and appellate practice on various aspects of labor and employment law, business and contractual disputes, medical malpractice, and HOA matters. To contact Kara Gansmann, call (910) 777-6055 or email her at [email protected].
 

Other Posts from Kara Gansmann

Wbj insights revised 0510 121615113531
Ico insights

INSIGHTS

SPONSORS' CONTENT
Mike stonestreet 300x300

When And How To Make Changes To Your Association's Governing Documents

Mike Stonestreet - CAMS (Community Association Management Services)
Aaeaaqaaaaaaaaidaaaajdhiztrkodm0lte2yjetngrkmy1hotrmltawmdvlmwqyztmymw

We All Win With Business Competitions

Diane Durance - UNCW Center for Innovation and Entrepreneurship
Hewet60

Failure And How To Avoid It

Ron Hewett - Academy Leadership

Trending News

N. Waterfront Park Project Could Draw Neighboring Development

Cece Nunn - Dec 9, 2019

Local Bank Officials Comment On Creation Of Truist

Jenny Callison - Dec 9, 2019

Vantaca Moves To MegaCorp's Former Headquarters

Johanna Cano - Dec 10, 2019

U.S. 421 Utilities Expected To Help Lure Jobs

Christina Haley O'Neal - Dec 10, 2019

Mark Anthony Brands Recognizes Coastal Beverage Co.

Christina Haley O'Neal - Dec 10, 2019

In The Current Issue

Retiree Volunteers: 'We're Just Not Done Yet'

More than 6 out of 10 adults age 55 and older engage in some volunteer activity in the U.S. The sizeable number of volunteering retirees can...


Can Tech Giants Break The Bank?

Are tech companies aiming to supplant banks, or are they moving into the realm as partners with established banks to help banks improve thei...


Retired Leader Reflects On Service

Ann Hardy, who recently retired as manager of Brunswick County and received the Order of the Long Leaf Pine in October, looks back on her ca...

Book On Business

The 2019 WilmingtonBiz: Book on Business is an annual publication showcasing the Wilmington region as a center of business.

Order Your Copy Today!


Galleries

Videos

2019 Health Care Heroes
August 26, 2019 Power Breakfast: A Healthy Sale?
2019 WILMA Leadership Accelerator
2019 WilmingtonBiz Expo Keynote Lunch - CEO, nCino, Pierre Naude`