Adams and Reese Partner Jack Pringle, practice team leader of the firm’s Privacy, Data Security and Information Governance practice, was interviewed by the Baton Rouge Business Report in the article, “More Than an IT Guy - As companies face rising occurrences of high-tech breaches, law firms add data security to their practice specialties.”
As the magazine notes in a feature from the current issue, last year's security breach at Target Corp. — the third-largest retailer in America — compromised the credit card accounts of as many as 40 million people who had shopped at Target stores, forcing many to cope with credit disruptions. Investigators concluded the criminals captured data that was stored on the magnetic stripes of cards that customers had swiped at cash registers.
The breach put into the hands of the attackers everything they would need to create counterfeit cards. The rising incidence of companies failing to protect data they collect from customers and vendors sends concerns rippling through businesses of all kinds. Many whose data worries previously centered on storing information in ways that ensure access to it in the event of emergency now are focused on how to bolster protections against assaults by high-tech thieves.
“It has become important for all businesses to protect this information, not only because of legal requirements but also because the threat to these information assets has become so much more serious,” Pringle said. Pringle says Adams and Reese is bolstering its expertise in data protection and privacy issues across its offices in order to help clients navigate and comply with relevant laws and guide them toward making better use of the data they collect. “The question is, not if, but when you're going to have a data breach. It's just good business to be thinking about these things.”
Federal laws have been in place for a number of years requiring certain types of businesses, primarily financial institutions and health care providers, to protect information that could cause damage to individuals if it is disclosed without their authorization. The existence of these laws is well-known to financial services customers and health care patients, who often must sign authorization forms showing that a banker or doctor has their permission to share information about them with appropriate other parties.