Follow Kara Linkedin Twitter Facebook
Email Kara Email
Legal Issues
Apr 1, 2016

The Fourth Goal Of A Cybersecurity Plan: Dispose Data Legally And Properly

Sponsored Content provided by Kara Gansmann - Attorney, Cranfill Sumner & Hartzog LLP

In this series on drafting a cybersecurity plan for your business, the fourth aspect is discarding sensitive data. The type of data your business collects, and the laws around it, may dictate how and when data should be discarded. Your general goal should be to reasonably ensure that the data cannot be read or reconstructed.
 
Federal and state laws may affect the disposal of personal data. For example, businesses that use a consumer’s credit report are subject to the requirements of the federal Disposal Rule. The rule requires the proper disposal of information in consumer reports and records to protect against “unauthorized access to or use of the information.” The Federal Trade Commission (FTC), the nation’s consumer protection agency, enforces the Disposal Rule against lenders, insurers, employers, landlords, government agencies, mortgage brokers, automobile dealers, attorneys, debt collectors and others. However, the FTC encourages anyone who disposes of personal or financial records to adhere to the protective measures as outlined by the Disposal Rule.

  • Shredding, burning, or pulverizing to effectively dispose of paper documents. Make shredders available throughout your business and near photocopiers. Ensure your employees know which documents require shredding and when to shred them by addressing this in your cybersecurity plan and employee handbook. Your policy should require the same procedures whether employees work remotely or on site.
  • Destroy hard drives from old computers or portable storage devices, or use a software program known as a wipe utility program. These inexpensive programs ensure that files on your hard drive are written over and no longer recoverable. Simply deleting a file on your computer does not guarantee that the file is unreadable or unrecoverable. In the matter of Goal Financial, LLC, it was alleged by the FTC that an employee sold surplus hard drives containing the sensitive personal information of approximately 34,000 customers in clear text. A wiping program might have limited the company’s liability.
  • An alternative option. For example, using due diligence to hire a contractor to dispose of the data.
While these tenets are fairly broad, certain businesses like financial institutions, law firms and health care providers are subject to other additional laws for disposing of personal data. No matter what business you conduct, include your company’s specific disposal procedures in your cybersecurity plan and implement that plan to ensure proper, secure and legal disposal of sensitive data.
 
Kara Gansmann, a North Carolina native, is an associate in Cranfill Sumner & Hartzog LLP’s Wilmington office, where she focuses her litigation and appellate practice on various aspects of labor and employment law, business and contractual disputes, medical malpractice, and HOA matters. To contact Kara Gansmann, call (910) 777-6055 or email her at [email protected].
 
 

Other Posts from Kara Gansmann

Essential Estate Planning Documents for Young Adults

Relief Available for Medicare Part B Penalties

Top Estate Planning Tips for Loved Ones with Special Needs

The Low-Down on the Medicaid Spend-Down

What’s the Penalty Applied by Medicaid for Gifts or Transfers?

Estate Planning & Estate Administration Considerations for Bitcoin

May is National Elder Law Month

NC Seniors Will Receive New Medicare Cards But Remain Susceptible to Fraud

What Can Happen to My Cremated Remains under NC Law?

Using a Supplemental Needs Trust for the Benefit of a Disabled Person

Use a Pet Trust to Ensure Your Pet’s Care

Post-Retirement Planning: A Checklist for Seniors

Top 10 Scams that Target Seniors

The Tax Cuts & Jobs Act’s Impact on Elder Law & Estate Planning

The New N.C. Power of Attorney Act: Its Impact on Estate and Elder Law Planning

As Options Increase for Senior Housing, Rely on a Geriatric Care Manager

Debunking Five Common Myths About Long-Term Care Planning

November Brings Turkey, Alzheimer’s Awareness And A Need To Proactively Plan For Aging Loved Ones With The Disease

The IRS Increased The Thresholds For 2018 Estate And Gift Taxes

The Caretaker Child: How Aging Parents Can Compensate Adult Children For Care At Home

Using Personal Care Agreements For An Elderly Person’s At-Home Care

Five Tips For Protecting Seniors In A Technological World

Common Mistakes In Probating Estates Without Legal Assistance

Cashing A Paper Savings Bond After The Owner Dies

The Importance Of Estate Planning For Unmarried Couples

A Request For A 'Simple Will' Isn’t Always Simple

Top 10 Reasons To Consult An Elder Law Attorney

Cyber Breaches: What’s At Risk For Businesses

An Employer’s Guide For Accepting Or Denying A Work Injury Claim

The Pending Legal Landscape Of Labor And Employment Law

Creating A Breach Response Plan For A Cyber Attack

HB2’s Impact On Private And Public Employers

How To Gamble And Win With Workplace Games Of Chance

The Third Step To A Sound Cybersecurity Plan: Protecting Your Data

Step Two Of Your Cybersecurity Plan: Collect Only Necessary Personal Data

Reporting Deadlines Extended For Large Employers Under The ACA

The First Step Of Cybersecurity Plans: Know Your Data And Its Location

Five Keys To Crafting A Cybersecurity Policy For Your Business

Wbj insights revised 0510 121615113531
Ico insights

INSIGHTS
SPONSORS' CONTENT
Dallas headshot 300x300

Is A Family Transfer Right For Your Business?

Dallas Romanowski - Cornerstone Business Advisors
Carolinemontgomery4

New Dec 2020 Government Stimulus and Programs

Caroline Montgomery - Adam Shay CPA, PLLC
Mike stonestreet 300x300

8 Questions To Ask When Choosing A Professional Community Management Company

Mike Stonestreet - CAMS (Community Association Management Services)

Trending News

Tomsic Assumes New Position With Dogwood State Bank

Jenny Callison - Jan 13, 2021

More COVID-19 Vaccine Doses Arrive, Providers Added To Administer Shots

Vicky Janowski - Jan 13, 2021

Q&A: Veteran Starts Her Own Real Estate Firm

Cece Nunn - Jan 15, 2021

Economist: Regional Economy Could See Light Going Into 2021 Tourist Season

Christina Haley O'Neal - Jan 13, 2021

Historic Wilmington Foundation Names Next Executive Director

Christina Haley O'Neal - Jan 15, 2021

In The Current Issue

Bike Shop Owner Rides To Success

Since she left the corporate world less than 10 years ago, Diane Hodapp has been on a roll....

2021 Goals: New Year's Outlook In Their Own Words

Several of the region’s economic development groups and organizations that are economic drivers check in with a recap of what happened in th...

A Closer Look At The Year Ahead

While COVID-19’s impact on the economy will remain a focus this year, other expected newsmakers in 2021 include New Hanover Regional Medical...

Book On Business

The 2020 WilmingtonBiz: Book on Business is an annual publication showcasing the Wilmington region as a center of business.

Order Your Copy Today!


Galleries

Videos

2020 Health Care Heroes
2020 WilmingtonBiz 100