Security checklist helps ensure compliance

In this two-part article, partner Bart Lazar identifies the need for all businesses to be concerned about data security and identifies steps to take to protect valuable consumer and employee information.

Last month, I wrote about the reasons for protecting the security of marketing and employee information (See “Guard biz data with security strategies,” page 6, Oct. 15). Since last month, California has passed legislation that requires any business that owns or licenses personal information about a California resident to take reasonable security measures to protect the personal information from unauthorized access, destruction, use, modification or disclosure. In addition, any business that shares personal information about a California resident with a nonaffiliated third party shall require by contract that the third party implement and maintain reasonable security procedures to protect the personal information from unauthorized access, destruction, use, modification or disclosure. So, although security practices were not mandated by law last month – they are now.