An Overview of Data Security Legal Requirements for All Business Sectors

45 Pages Posted: 10 Oct 2015

Date Written: October 8, 2015

Abstract

What are the data security legal obligations generally applicable to all U.S. businesses? It is well known that certain sectors of the U.S. economy are subject to extensive regulations regarding data security. But there is also no doubt that non-regulated businesses are subject to data security obligations.

The thesis of this paper is that all businesses, whether regulated or not, are generally subject to legal duties regarding the security of their corporate data. Those duties can be summarized as: (1) a duty to protect the security of their corporate data, and (2) a duty to disclose security breaches when they occur. This paper will explain the source and scope of those duties, including the legal requirement for “reasonable security.”

Keywords: data security, cybersecurity, security, law, legal standard, reasonable security

JEL Classification: k10, k12, k13, k19, k20, k22, k23, k29

Suggested Citation

Smedinghoff, Thomas J., An Overview of Data Security Legal Requirements for All Business Sectors (October 8, 2015). Available at SSRN: https://ssrn.com/abstract=2671323 or http://dx.doi.org/10.2139/ssrn.2671323

Thomas J. Smedinghoff (Contact Author)

Locke Lord LLP ( email )

111 S. Wacker Drive
Chicago, IL 60606
United States
+1 312-201-2021 (Phone)

HOME PAGE: http://www.lockelord.com/professionals/s/smedinghoff-thomas-j?lang=en

Locke Lord LLP ( email )

3122012021 (Phone)
60606 (Fax)

HOME PAGE: http://www.lockelord.com

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
638
Abstract Views
1,988
rank
49,934
PlumX Metrics