An Overview of Data Security Legal Requirements for All Business Sectors
45 Pages Posted: 10 Oct 2015
Date Written: October 8, 2015
Abstract
What are the data security legal obligations generally applicable to all U.S. businesses? It is well known that certain sectors of the U.S. economy are subject to extensive regulations regarding data security. But there is also no doubt that non-regulated businesses are subject to data security obligations.
The thesis of this paper is that all businesses, whether regulated or not, are generally subject to legal duties regarding the security of their corporate data. Those duties can be summarized as: (1) a duty to protect the security of their corporate data, and (2) a duty to disclose security breaches when they occur. This paper will explain the source and scope of those duties, including the legal requirement for “reasonable security.”
Keywords: data security, cybersecurity, security, law, legal standard, reasonable security
JEL Classification: k10, k12, k13, k19, k20, k22, k23, k29
Suggested Citation: Suggested Citation