With the data privacy and cybersecurity landscape in constant flux and evolution, businesses must perpetually adapt to reduce their liability exposure. Below is a “quick hit” list of Hall Booth Smith’s top 10 privacy and cybersecurity action items for businesses to ponder:


  1. Determine if any newly passed privacy laws apply to you. Review industry sector and federal and international laws.
  2. Conduct data mapping exercise, including vendor transfers and geographic location.
  3. What personal data do you collect? Who do you share it with?
  4. Audit vendor contracts for applicable privacy law compliance provisions.
  5. Update your privacy policy to accommodate domestic and international regulations.


  1. Review cyber insurance coverage.
  2. Implement multi-factor authentication for remote access.
  3. Audit user and service accounts to remove unused accounts.
  4. Review or create your cyber incident response plan.
  5. Implement or review employee security awareness training.
The HBS Data Privacy & Cyber Security practice group can assist with the preparation and implementation of proactive compliance plans to not only comply with relevant privacy laws and regulations, but also work towards a Strategic Privacy by Design plan for your business. HBS can also provide you with proactive strategies to reduce the likelihood of a security breach and remedies to reduce your loss exposure should your data be compromised. If your company has experienced a data breach, call 888.427.8296 for immediate assistance, or email databreach@hallboothsmith.com.