Once PII is legally collected per Privacy Laws, then what?
What do you do with all that PII?
What responsibilities do businesses have to legally protect the PII collected?
What happens if there is a breach? What are you required to do?
Who is responsible for the PII collected if shared?
Do you collect PII? Let me know what you think of having a Cybersecurity plan in the comments.