Read the latest thought leadership and industry news from the experts at Gimmal!
Being tasked with putting together a plan for any type of information governance solution for your organization, whether addressing privacy, records management, eDiscovery or another concern can seem daunting. We understand the time it takes to search the internet, go to trade shows and comb through vendor marketing collateral.
A recent article from Lexology points out that many organizations think of cyber security as simply an IT problem. However, it has become clear that the risks involved with data security can effect every business unit. Unfortunately, general counsel is usually involved after a breach in a reactive fashion. The proactive approach that allows general counsel to be a part of the planning and prevention of a cyber security breach will save untold amounts of work and costs.
Cyber intrusions or hacks are generally seen as the domain of the IT department, however it is critical that the general counsel be involved in the creation and execution of the data governance risk and compliance strategy. In fact in a recent survey of 450 companies, 31% of respondents stated they rely on IT, while 21% said they rely on general counsel to be primarily responsible for compliance after a data breach.
A recent Federal Court decision may create lasting opinions about how information is governed and brings about additonal risk and compliance issues. The court has decided that P.F. Chang’s cyber insurance policy does not cover expenses from the restaurant’s 2014 privacy breach.
This is part 2 of a 4-Part Series on Corporate Governance in the Information Age from insidecounsel.com