1. Insights
  2. News
  3. Media Mentions

Michelle Reed, Madison Gafford Article on Privacy/Cybersecurity System of Controls Published by Cybersecurity Law Report

Mar 31, 2021

Reading Time : 1 min
Jump to
View People Mentioned in This NewsView Related Services, Sectors, and Regions

Contact:

Jacinta O'Shea-Ramdeholl

Director of Communications

Send Email
+1 212.407.3080

Scott Wasserman

Senior Media Relations Manager

Send Email
+1 212.407.3009

“How Do You Put a System of Controls in Place When Your Target Keeps Moving?,” an article by Akin Gump cybersecurity, privacy and data protection practice co-head Michelle Reed and associate Madison Gafford, has been published by Cybersecurity Law Report.

The article notes that frequent changes to privacy and cybersecurity regulation at the federal, state and local levels “have left businesses reeling on how to comply,” noting the implementation of the California Consumer Privacy Act in January 2020, the nearly 20 states that have introduced some form of comprehensive privacy and/or cybersecurity regulation, and the U.S. Congress’ debate on comprehensive regulation in this area.

The authors note that, “To adapt to this ever-changing regulatory environment, businesses should develop a flexible framework with a system of controls based on core privacy and cybersecurity principles. Implementing this flexible framework allows businesses to get ahead of any future requirements so that a complete overhaul of corporate systems is not required.”

The article outlines what it calls the “dynamic legal landscape” at the federal, sectoral and local levels and lays out a multistep plan for businesses to put a system of controls in place “to decrease risk of liability posed by data privacy incidents and cybersecurity breaches” that includes creating a data inventory, planning how to operate their compliance program, identifying critical stakeholders, and implementing the compliance program.

Reed and Gafford close by noting, “Data privacy and cybersecurity law is a new frontier, with an ever-changing patchwork of regulation. Even though the target keeps moving, the principles underlying these laws and regulations remain the same: know what data you collect/process/share, disclose how you use it, and be mindful of protecting and minimizing the data you keep. With strong governance and regular testing, data privacy and cybersecurity compliance will become part of a business’s culture.”

To read the article in its entirety, please click here.

Share This Insight

Related Services, Sectors, and Regions

© 2024 Akin Gump Strauss Hauer & Feld LLP. All rights reserved. Attorney advertising. This document is distributed for informational use only; it does not constitute legal advice and should not be used as such. Prior results do not guarantee a similar outcome. Akin is the practicing name of Akin Gump LLP, a New York limited liability partnership authorized and regulated by the Solicitors Regulation Authority under number 267321. A list of the partners is available for inspection at Eighth Floor, Ten Bishops Square, London E1 6EG. For more information about Akin Gump LLP, Akin Gump Strauss Hauer & Feld LLP and other associated entities under which the Akin Gump network operates worldwide, please see our Legal Notices page.