Just like we said it would, another federal data breach law is being considered by the US congress. This is not the first time this has happened but something tells me we should take it a little more seriously this time around.
First, the stakes are much higher now and the risk of not passing such legistlation is too grave to contemplate. Congress is well aware of the perils of data loss and during a time of financial crisis, such legislation could be seen as a much needed public policy advancement. But, how will such a law impact the managed services community? Let’s take a look.
The law will likely focus on protecting data more than targeting specific companies. Data that is deemed sensitive and worthy of protection will be equally important whether it is being housed by a financial services firm, a hospital, or a retail store. If this happens, all businesses transacting this type of legislated data will be responsible for taking certain precautions to protect the data while it is in their care. If they compromise the data, they will most likely have to notify those affected parties. The shame factor alone will be enough to scare most companies into taking data privacy protection seriously.
MSPs are in the best position to advise and help protect their clients against such data breaches. After such a data breach law is passed, there will be a period of time where companies scramble to prepare themselves and their IT. One thing is for sure, if the bill becomes law, MSPs will be thrust squarely into the public eye. This means lots of opportunity and lots of scrutiny. In my opinion, such a law could not come at a better time.
If your firm deals at all with data privacy or protection I’d love to hear your thoughts on what this law might mean for you.