Best Practices for Protecting Client Information, According to the CFPB
New federal regulations promulgated by the Consumer Financial Protection Bureau will apply to real estate lawyers. But they are also a pretty solid starting point for any lawyer or law firm.
Here’s a summary of the best practices, compiled by Law Technology Today’s Pegeen Turner:
- Create and implement a written Privacy and Information Security Policy which describes how Non-Public Information (read client data) is protected. This policy should include data stored on mobile devices.
- Obtain an Information Security Risk Assessment to verify where data is stored, processed, transmitted and disposed—including external threats to data exposure.
- Verify that your data security system is regularly tested and any issues resolved.
- Create an Acceptable Use Policy that is annually reviewed, updated and verified by employees including use of the internet, email and company resources.
- Confirm that data is only available to authorized users, including procedures for removing terminated employees. (Lock down your network and don’t give everyone access to all of the firm’s data unless they need it).
- Create, test and implement complex password policies.
- Create and implement a policy regarding removable media and restricted use of USB drives.
- Provide encrypted email and encrypted hard drives.
- Document intrusion detection and security alerts. If this has been outsourced, have external party provide reporting of detection and security.
- Verify physical security to the office, server room and other data (offsite storage) is limited to authorized personnel.
- Create and implement a Clean Desk Policy.
- Create, implement and test a Disaster Recovery Plan.
- Create and implement policies for hardware and software updates and modification.
- Create, implement and test backup procedures to prevent data loss, including if this is done through a third-party backup company.
- Require third-parties that have access to your data that they comply with all of the same security procedures.
- Create and distribute a Privacy Policy to your clients.
- Include a privacy statement on your website and describe how the data that is collected on your website is protected.
- Create and implement a policy for record retention and destruction, including these same policies for third parties that retain and destroy firm data.
How close is your firm to following these best practices?
Featured image: “Hand holding pen and checklist on a clipboard” from Shutterstock.
Best Practices for Protecting Client Information, According to the CFPB was originally published on Lawyerist.
Source: https://lawyerist.com/85435/best-practices-for-storing-client-data-according-to-the-cfpb/
Anyone can join.
Anyone can contribute.
Anyone can become informed about their world.
"United We Stand" Click Here To Create Your Personal Citizen Journalist Account Today, Be Sure To Invite Your Friends.
Please Help Support BeforeitsNews by trying our Natural Health Products below!
Order by Phone at 888-809-8385 or online at https://mitocopper.com M - F 9am to 5pm EST
Order by Phone at 866-388-7003 or online at https://www.herbanomic.com M - F 9am to 5pm EST
Order by Phone at 866-388-7003 or online at https://www.herbanomics.com M - F 9am to 5pm EST
Humic & Fulvic Trace Minerals Complex - Nature's most important supplement! Vivid Dreams again!
HNEX HydroNano EXtracellular Water - Improve immune system health and reduce inflammation.
Ultimate Clinical Potency Curcumin - Natural pain relief, reduce inflammation and so much more.
MitoCopper - Bioavailable Copper destroys pathogens and gives you more energy. (See Blood Video)
Oxy Powder - Natural Colon Cleanser! Cleans out toxic buildup with oxygen!
Nascent Iodine - Promotes detoxification, mental focus and thyroid health.
Smart Meter Cover - Reduces Smart Meter radiation by 96%! (See Video).