Data Theft or Loss: Ten Things Your Lawyer Must Tell You About Handling Information

Ivey Business Journal OnlineVol. 71 Nbr. 6, July 2007Feature Article

Author: Bavis, Craig

Linked as:

Summary

The goal of this article is to identify the legal issues that should be considered in the development of enterprise information systems. This aims to provide senior managers and boards with a succinct checklist or oversight document that they can then use to engage their Chief Information Officers (CIOs) and auditors in meaningful dialogues about the security and privacy of data in their organizations. Here are some best practices that should allow an organization to protect its data and comply with the law: 1. An organization's use of information is governed by specific legislation, the Personal Information and Protection of Electronic Documents Act (PIPEDA). 2. Organizations are responsible for the use of information they collect even if this information is not in their possession. 3. Individuals have a right to know how their personal information is used. 4. Information systems can be seized and organizations can be required to produce information. 5. Certain information is privileged and cannot be disclosed.

See the full content of this document

Extract

Data Theft or Loss: Ten Things Your Lawyer Must Tell You About Handling Information

Most organizations spend vast sums on information technology to gather, manipulate, store, and use the information and data they gather. Yet, as these authors point out, managing this resource entails protecting it and complying with all laws and regulations. The authors prescribe ten best practices that should allow an organization to protect its data and comply with the law.

Earlier this year, the TJ Maxx group of companies (TJX), which includes the HomeSense and Winners stores, was left scrambling after hackers stole and used customer data, including credit and debit card information. As a result of this transgression, and of accusations by the U.S. Federal Trade Commission (FTC) that TJX handled its data improperly, the stock price for the company took a drop of over 5%1. This is notable for the fact that it is significantly more than the avera...

See the full content of this document

Sponsored links


Related topics

Related searches

Next >

ver las páginas en versión mobile | web

ver las páginas en versión mobile | web

© Copyright 2012, vLex. All Rights Reserved.

  • Language

Contents in vLex United Kingdom

Explore vLex

For Professionals

For Partners

Company

Other documents:

pupils were targeted by sick pervert | Boy in Ice Cream Van Fall | annual mots for 40,000 heart patients in citynhs scheme aims to cut risk of second attack | Hey Ref! | Penguins Q&A Rob Rossi Answers Your Questions | brookings institution to hold briefing june 30 in washington, d.c. on 'countdown to the g-8 summit' | Pa Preservation Board Protects Additional 2,928 Acres of Prime Farmland | gilmore moves on white house bid ; calls 'conservative leadership' distinguishing mark