The Federal Trade Commission (FTC) has made significant changes to security data orders to increase deterrence and improve practices. In particular, the changes cover three areas. Starting in 2019, FTC data security “orders are more specific. They continue to require that the company implement a comprehensive, process-based data security program, and they require the company to implement specific safeguards to address the problems alleged in the complaint”
Also, FTC orders “…increase third-party assessor accountability…orders clearly and specifically require assessors to identify evidence to support their conclusions, including independent sampling, employee interviews, and document review.”
The third area FTC orders cover is elevating “data security considerations to the C-suite and Board Level…every year companies must now present their Board or similar governing body with their written information security program — and, notably, senior officers must now provide annual certifications of compliance to the FTC”
Best business practice is to review data security for legal compliance. Is your data secure? Is your data security legally compliant? Any questions? Feel free to contact me.
#substantiationequalstrust #transparencyformstrust #advertisingandmarketinglawyer #hispanicadvertisingandmarketingattorney #business #entrepreneur