Maintaining files with digital information about clients, including identification information, is simply a necessary part of doing business these days. Prior to maintaining cyber files, companies kept client information in filing cabinets. Unfortunately, by placing such information into the virtual environment you also expose yourself to the potential of having it lost through a breach in cyber security. If you have concerns that this has happened you should speak with your College Station business attorney.
Cyber theft is rampant. Every day companies are being hacked for sensitive information they possess. Theft of internal secrets can severely damage a company. However, theft of client information can expose you and your company to liability. Texas is one of 47 states that have enacted legislation that requires any business to contact individuals or businesses whose identification information is stolen from their files.
For instance, let’s say you have files on 400 past and present real estate clients and someone breaks into your system, stealing sensitive identification and other information pertaining to all of these clients. By law you are required to contact each of these individuals to inform them of the breach. It is estimated that the cost of researching, preparing, and notifying just one person can cost $200 or more. With 400 clients to contact, therefore, the cost simply to inform of this single incident can be over $80,000.
Personally Identifiable Information
Identification information that renders a company liable in such a case has been delineated by the Texas Business and Commerce Code, and includes any information that alone, or combined with other such information provides identification of the individual. Such information includes:
- Names, including that of the individual and/or the mother’s maiden name
- Government-issued identification numbers such as the Social Security number
- PIN numbers on accounts
- An electronic identification number or routing code
- Driver’s license number
- Account numbers
If a Data Breach Occurs
In the event of a data breach your Texas business is required to disclose this to affected individuals as quickly as possible. You are required to provide written or electronic notification to the last known address of all affected individuals.
Disposal of Personal Information
It is essential that your company maintain a system by which personal information that is no longer being used is disposed of. The above-named code requires that a method such as shredding, erasing or other redaction technique which renders the information indecipherable be used. The penalty for improper disposal of records is as much as $500 per record.
An Electronic Data Breach Is Serious
A breach of information can be very costly to your company. If you have concerns about protecting your company against such a breach, work with your College Station business attorney. Call Peterson Law Group today at 979-703-7014 or 936-337-4681.