We live in the Information Age. Increasingly, business success depends on the ability to obtain, maintain and intelligently utilize increasing amounts of electronic information, or data.
We also live in “The Era of the Data Breach.” Thieves are constantly attempting to steal your data, whether you know it or not. Negligent employees & vendors lose their mobile devices, containing Personally Identifying Information (PII) of employees and customers. At any moment, you can be hit by Ransomware. So, Government Regulators mandate compliance with privacy laws.
Why is Everyone After Your Data? Because “Data Is The New Cash.” The majority of worldwide business assets are intangible assets, or information, and it is growing exponentially. So, by law, California, and most other states, require every business:
- to PROTECT the privacy and Personally Identifying Information (PII) of customers and employees;
- to DETECT privacy & security incidents & breaches when they occur;
- to MITIGATE harm by notifying victims & regulators, & by properly destorying electronic data;
- to RESTORE quickly & RECOVER effectively, by implementing culture of privacy & security.
ECJ can help; we know Cybersecurity, Data Privacy & E-Commerce.
ECJ Cybersecurity, Data Privacy and E-Commerce Services
“If you fail to prepare, you are preparing to fail.” Business Risk is nothing new. Officers & Directors routinely address risks such as fire, theft, supply chain, dependence on one large customer. Managers and employees who continue to ignore data privacy & cybersecurity risks and “hope for the best” are being audited and punished by regulators, whether or not the business is breached.
California Law requires that every business that holds PII of California residents must maintain “minimum reasonable security.” This requires obtaining an independent, third party, Risk Assessment. Self-Assessments do not work, and Officers & Directors cannot delegate this duty to the IT Department. Risk Assessment & Management is not the job of the IT Department.
If you have not assessed your risk, you cannot manage it. Risk Assessment involves legal, technical and personnel expertise.
ECJ can help. Our Data Privacy and Cybersecurity attorneys work with technical experts to review your business processes, and provide legal, technical and “human factors” analysis. We provide a formal, written Risk Assessment Report (attorney-client privileged, if you choose, or that you can provide to regulators or insurers). We regularly work with local law enforcement and the F.B.I., and have extensive experience in Health Care (HIPAA), Banking & Financial Institutions (GLBA), Employment Law (FACTA, FCPA), E-Commerce (TCPA, ECPA), Defense Contracting (DFARS & NIST) and Government Enforcement (FTC, CFPB, SEC, DOJ & Cal. OAG & DBO).
We provide a free, one-hour, “Bring-Your-Laptop Seminar” to prospective clients on passwords, encryption & two-factor authentication. We also provide services on a flat rate or hourly basis, or monthly retainer, to the Board & C-Suite, IT Dept. & H.R.:
- Risk Assessments & Compliance Reviews;
- Incident Prevention & Response Planning & “Table Top” Exercises;
- Employee Training Seminars at low or no cost;
- Breach investigation and notification services (serving as “breach coach” & liason to law enforcement)
- Written employee handbooks, policies & procedures (including “Privacy by Design” options);
- Business Associate, Vendor Confidentiality (and other third party) Agreements;
- Defense of privacy and data breach litigation & government enforcement actions;
- Cyber insurance consultation and referrals.
Contact ECJ for Your Cybersecurity, Data Privacy and E-Commerce Security Needs
For more information regarding the services available from our Department, please contact Pat Fraioli at (310) 281-6346 or Kelly Scott at (310) 281-6348.
ECJ’s Cybersecurity, Data Privacy & E-Commerce attorneys serve clients throughout California and across the nation.