Follow Kara Linkedin Twitter Facebook
Email Kara Email
Legal Issues
Apr 1, 2016

The Fourth Goal Of A Cybersecurity Plan: Dispose Data Legally And Properly

Sponsored Content provided by Kara Gansmann - Attorney, Cranfill Sumner & Hartzog LLP

In this series on drafting a cybersecurity plan for your business, the fourth aspect is discarding sensitive data. The type of data your business collects, and the laws around it, may dictate how and when data should be discarded. Your general goal should be to reasonably ensure that the data cannot be read or reconstructed.
 
Federal and state laws may affect the disposal of personal data. For example, businesses that use a consumer’s credit report are subject to the requirements of the federal Disposal Rule. The rule requires the proper disposal of information in consumer reports and records to protect against “unauthorized access to or use of the information.” The Federal Trade Commission (FTC), the nation’s consumer protection agency, enforces the Disposal Rule against lenders, insurers, employers, landlords, government agencies, mortgage brokers, automobile dealers, attorneys, debt collectors and others. However, the FTC encourages anyone who disposes of personal or financial records to adhere to the protective measures as outlined by the Disposal Rule.

  • Shredding, burning, or pulverizing to effectively dispose of paper documents. Make shredders available throughout your business and near photocopiers. Ensure your employees know which documents require shredding and when to shred them by addressing this in your cybersecurity plan and employee handbook. Your policy should require the same procedures whether employees work remotely or on site.
  • Destroy hard drives from old computers or portable storage devices, or use a software program known as a wipe utility program. These inexpensive programs ensure that files on your hard drive are written over and no longer recoverable. Simply deleting a file on your computer does not guarantee that the file is unreadable or unrecoverable. In the matter of Goal Financial, LLC, it was alleged by the FTC that an employee sold surplus hard drives containing the sensitive personal information of approximately 34,000 customers in clear text. A wiping program might have limited the company’s liability.
  • An alternative option. For example, using due diligence to hire a contractor to dispose of the data.
While these tenets are fairly broad, certain businesses like financial institutions, law firms and health care providers are subject to other additional laws for disposing of personal data. No matter what business you conduct, include your company’s specific disposal procedures in your cybersecurity plan and implement that plan to ensure proper, secure and legal disposal of sensitive data.
 
Kara Gansmann, a North Carolina native, is an associate in Cranfill Sumner & Hartzog LLP’s Wilmington office, where she focuses her litigation and appellate practice on various aspects of labor and employment law, business and contractual disputes, medical malpractice, and HOA matters. To contact Kara Gansmann, call (910) 777-6055 or email her at [email protected].
 
 

Other Posts from Kara Gansmann

Wbj insights revised 0510 121615113531
Ico insights

INSIGHTS

SPONSORS' CONTENT
Carolinemontgomery4

Business Budgeting

Caroline Montgomery - Adam Shay CPA, PLLC
Fredheadshot 5119113348

How a Custom Garage Can Increase Real Estate Value

Fred Kumpel - Strickland's Home
Michaelhiggins 41019104338

Oleander Memorial Gardens Offers New Final Family Resting Places

Michael Higgins - Dignity Memorial

Trending News

ILM Aims To Start Parking Study Next Month

Christina Haley O'Neal - Jun 21, 2019

Interest In Solar Brightens

Christina Haley O'Neal - Jun 21, 2019

Chen Puts Final Touches On Ramen Shop

Jenny Callison - Jun 21, 2019

Roof Products Firm Back On Top

Christina Haley O'Neal - Jun 21, 2019

Wilmington To Host Disaster Preparedness Conference On Cancer Treatment

Johanna Cano - Jun 21, 2019

In The Current Issue

Selling Iconic Property On Iconic Island

More than 30 years later, Buzzy Northen and his wife, Ellen Northen, are still in love with Figure Eight Island. “It’s just heaven,” Buzzy N...


Roof Products Firm Back On Top

During Hurricane Florence last year, between 8 to 10 inches of water flooded the GAF Burgaw facility, causing damage to the building, finish...


Info Junkie: Claire Holroyd

Find out which apps and tech are used by Skilly-do CEO and co-founder Clarie Holroyd, whose product is an online toolkit that promotes early...

Book On Business

The 2019 WilmingtonBiz: Book on Business is an annual publication showcasing the Wilmington region as a center of business.

Order Your Copy Today!


Galleries

Videos

2019 WilmingtonBiz Expo Keynote Lunch - CEO, nCino, Pierre Naude`
Transporting the Future - Power Breakfast 3.12.2019
Health Care Heroes 2018