THE BOURNE FIRM
Experienced on-demand general counsel for small to mid-sized companies not yet ready for full-time general counsel.
Contact : jon@thebournefirm.com ( 303.765.2436
© 2022-2024 THE BOURNE FIRM LLC. All rights reserved.
Where's your data?
Where's your data? Privacy and security today are key components of any business. Governing regulations are incredibly complex. They are not becoming simpler. Here are three key considerations for protected health information, however, that will get you started:
- Have a plan? Ensure you have administrative safeguards (such as policies and procedures) with respect to purpose (only obtain relevant data); notice (if needed, of types of information collected); consent (if needed, of collection and use); quality and correction (current, accurate, and complete); access (on a need to know basis); use (only for appropriate purposes); disclosure (only if authorized); and risk (an overall risk assessment).
Tech geek present? Be certain that technical safeguards are adequate, including with respect to access (on a need to know basis); type (safeguards consistent with type of data); and integrity (loss, corruption, and unauthorized revision).
- Are you physical? Physical safeguards, too, are critical, including protection of information systems and related buildings and equipment from natural and environmental hazards (such as floods) and unauthorized intrusion (with, for example, facility access controls, workstation security and device and media controls).