For many businesses, collecting sensitive consumer and employee information is an essential part of doing business. It is your legal responsibility to take steps to properly secure or dispose of the information. Financial data, personal information, and material derived from credit reports may raise additional compliance considerations.
The Federal Trade Commission (FTC) regulates and oversees business privacy laws and policies that impact consumers. Here is how you can ensure you are compliant with the law:
Protecting Consumer Privacy
In general, your online and offline privacy policy is your company's pledge to your customers about how you will collect, use, share, and protect the consumer data you collect from them. To ensure you are in compliant with the law you should consider the following when drafting your online privacy policy:
- Explain how you collect and use personal information
- Display your privacy policy online
- Publish your email opt-out policies
- Talk to an expert
Using and Disposing of Consumer and Employee Credit Reports
Some businesses may use consumer credit reports for purposes of evaluate creditworthiness for entering into leases or obtaining insurance, or even evaluating job applications. It is your responsibility under the Fair Credit Reporting Act to comply with the use, report and to dispose of consumer credit reports lawfully. Each reason for inquiry is different, therefore you should consult with an attorney before obtaining such reports and on how to handle sensitive personal data.
Enforcing Data Security and Preventing Identity Theft
Many businesses keep sensitive personal information about customers or employees in their files or on their network. Having a sound security plan in place to collect only what you need, keep it safe, and dispose of it securely can help you meet your legal obligations to protect that sensitive data.
Safeguarding Sensitive Financial Data
The Gramm-Leach-Bliley Act requires companies that offer consumers financial products or services like loans, financial or investment advice or insurance to explain their information sharing practices to their customers and to safeguard sensitive data. Ensure that you are in compliant with these laws and that you have privacy policies in place.
Next month we will be talking about why you need a Buy/Sell Agreement – What Every Business Owner Should Know.
Each case is different so remember, Bagla Law is always here to help you with your business needs because You Know Your Business – We Know the Law!
If you have any questions about these issues or other topics please feel free to give us a call.
Talk with you next month,
Kelly
|