Developments in privacy law: Does your business have a legal obligation to encrypt sensitive personal information?
Fast forward one year from now and imagine that one of your employees has just returned from a successful business trip to Boston. Actually, the employee killed it and he is coming home with a lot of new customer names and corresponding credit card numbers!
The employee comes into the office Monday morning and reports, “Boss, I have some good news and some bad news. Which would you like first?” You opt for the good news – and he informs you that he is pretty sure that he broke the company record for sales. Now the bad news, he informs you that his laptop was stolen or lost sometime during the return trip. However, he says everything will be fine because he has all of the customer’s business cards and he is planning on calling each customer today to recover all of the lost data. Is everything “fine”?
