Internet data privacy protections were introduced to every state across America since the Internet took over. However, as of September 1, 2018, Colorado has raised the standard for taking tighter action in protecting sensitive information throughout the network of cybersecurity systems.
As a small business owner, you are held accountable for protecting information clients and employees submit online or have uploaded. Colorado is holding businesses accountable for complying with the new stricter cybersecurity laws. Otherwise, state government officials may take businesses under heavy investigations.
What does the law state?
Businesses must ensure security measures are taken and put in place within cybernetworks to protect electronic information being transferred with personal information. At the same time, if your business uses a third party for any handling of personal identifying information, the same strict security measures must be implemented. Written policies must be formatted to discuss the protocol of destroying sensitive information.
Personal identifying information
The phrase “personal identifying information” is what the law uses to refer to the many types of sensitive information that can identify an individual. Examples of personal identifying information includes:
- PIN numbers
- Social security information
- Driver’s license number
- Passport and other government issued document numbers
- EIN from tax papers
- Student ID
- Assigned military numbers
Colorado cybersecurity laws include an amendment to its original statute making it mandatory to conduct an immediate investigation when a security breach is identified. Business owners large and small are obligated to follow the law or face serious legal trouble.
Your business doesn’t have to get caught breaching the law. There is help for your business to find compliance and fight unlawful charges related to cybersecurity measures introduced through this new law.