The frequency and magnitude of data breaches are increasing. Boards of directors and executive management, as well as IT departments, are more focused on better management and protection of IT systems and data than ever before. Yet, boards and executive management often don’t appreciate the significance of information security risks until it’s too late -- that is, after a breach has occurred. Increasingly, state and federal law enforcement and regulatory agencies are auditing corporate cybersecurity and privacy readiness, forcing organizations to evaluate both their internal practices as well as any third party potentially possessing, managing, or accessing customer, client or personally identifiable information. In addition, the recent EU-US safe harbor invalidation, and subsequent revisions to the General Data Protection Regulation and development of the Privacy Shield, will have an extraordinary impact on any company doing business outside US borders.
Effective data security and privacy policies
Data security breaches threaten to capture a variety of confidential and privileged records, as well as personally sensitive and private information. Breaches can include electronic data from a wide variety of sources, including:
- Social media streams such as Twitter, Facebook, and Instagram, as well as related business communications
- Data from research studies in pharmaceutical trials
- Information collected through telematics of patient information to improve diagnosis and care
- Financial information collected in globally connected databases
An effective and comprehensive data security and privacy program focuses first on creating a secure environment, including:
- Identifying security, privacy, compliance and eDiscovery requirements in early stage application development
- Building a data protection program
- Implementing privacy policies and notices, standards, guidelines and processes
- Providing training and process development for incident response/breach notification
- Executing incident response & breach notification plans for in house legal departments
Our approach to data security and privacy
With Robert Half Legal’s risk-based approach, security is the focus, not an afterthought.
Robert Half Legal is a premier provider of legal consulting and staffing services. We deliver data security and privacy solutions to major companies and organizations around the world. We provide a comprehensive approach, from the definition, design, and building of a data security framework to measuring the framework’s effectiveness and refining it as needed. Our approach encompasses technology, enterprise risk management, regulatory and legal considerations.
Robert Half Legal’s data security and privacy solutions
Robert Half Legal offers a variety of services within the data security and privacy realm, including:
- Security Policy & Program Services
- Security Strategy & Architecture Services
- Security Implementation & Deployment Services
- Security Metrics
- Creation of incident response and breach notification plans for in-house legal departments
- Data Classification and Leakage Services
- Encryption, Storage Strategy, and Implementation Services
- Privacy Management & Implementation Services
- Vulnerability Services for infrastructure, applications, network, and databases
- Incident response/breach notification training and process development
- Risk assessments regarding the impact of application use across jurisdictions on litigation, investigations, and related compliance and retention requirements
- Cross-border data transfer solutions
- Review of third-party data exchange/international agreements
Contact Robert Half Legal
Learn how Robert Half Legal can help you develop an effective and comprehensive information governance and records management program by contacting us at 1-866-894-5598 or locating the nearest Robert Half Legal office.