A large part of what we do as a company revolves around educating not only our clients but members of our communities about information security and management. To meet this goal we provide various resources to help get you started in researching compliance, laws, best practices and more.
Decisions about information security may seem mundane at first, but the more you know, the more urgent the issue becomes. Since the United States does not have a single comprehensive privacy and data protection law, such as Europe’s GDPR, the regulations involved are complicated in how they relate to your organization and your industry. Here are a few suggestions about the resources you should explore both on our site and others as you begin your research into information security and management.
- Find out key laws and regulations: Depending on the state in which you do business and your industry, various regulations dictate how you can collect, use, store, and dispose of physical and digital records containing the personal information of employees and customers. You can begin your research with our analysis of Laws & Compliance.
- Dive deeper: We strongly suggest that you do not solely depend on a summary of relevant laws. In our breakdown of laws, we include links to the entire text of each bill to assist you as you explore what they mean for you and your organization.
- Assess your needs: Once you have done your research, assess the changes you need to make in your organization. This may be as simple as locking your file room to restrict access to stored physical records, or deciding it would be best to store them securely off-site. You may also need to make educated decisions about the secure disposal of paper and digital records when they have reached their end of life. Whether you find a way to comply with relevant laws by using in-house methods or you hire a company like DSS for shredding and destruction, do not be caught sleeping when it comes to information security. If you have special concerns, we recommend consulting an attorney about how to best protect your business from liabilities related to information security and management.
- Explore information governance: If your organization needs to look beyond simple security measures and secure destruction to more advanced record tracking and retention management, you need to explore the world of information governance. This involves tracking and securing records from the time of their creation to their secure disposition.
- Stay up to date: While there are many resources available to you, consider following the DSS Security Brief. This is our company blog where we explore trends, laws, compliance and more as it relates to information management and governance.