Julia Huston of Foley Hoag writes:
… While we cannot cover all aspects of data security and privacy here, we offer these 10 tips that may be particularly relevant to start-ups.
- Inventory and lock up your sensitive information. Make an inventory of the information that your company has related to individuals, including its employees, contractors, customers, partners, and vendors. Such information includes Social Security numbers, financial account passwords, driver’s license numbers, health information, and credit card numbers. In some jurisdictions, any information relating to a living individual who can be identified (such as name plus contact information) could trigger privacy laws and must be treated as sensitive. Sensitive information, whether electronically or on paper, should be secured. Any duplicates or electronic backups must be similarly secured. It is prudent to avoid making more copies than are needed to run the business, making sure to preserve the ability to restore deleted files if needed.
Read all of the tips on Security, Privacy and the Law.