A 2013 study by A.T. Kearney, a global management consulting firm, notes that half of the 40 top companies that participated expected compliance incidents in data protection. This category rated higher than product safety. The manufacturers also noted that they were planning to invest in data protection to ensure compliance.
Are you one of the many manufacturers who expect to see an increase in the number of compliance issues around data security? If so, now is the time to start planning by following a few basic steps:
- Determine what regulations and standards around data protection are relevant
- Conduct a thorough risk assessment
- Develop and implement a plan for preventing, mitigating and recovering from any breach of data security
- Write policies and procedures for data protection compliance, and train employees on them
- Develop and implement a monitoring and audit plan
- Designate compliance as a management responsibility that requires regular review
The regulations and standards for manufacturers are as varied as the products they make. Some of the most common include:
- International Organization for Standardization (ISO), including the 27000 regulations with requirements for an Information Security Management System covering financial information, intellectual property, employee details and confidential third-party information
- Federal Drug Administration (FDA), including software and systems involved in processing electronic data
- Environmental Protection Agency (EPA)
- Payment Card Industry Data Security Standard (PCI-DSS) for accessing, processing and storing credit card data
- Fair Credit Reporting Act to protect consumer data
- Securities Exchange Commission (SEC) disclosure rules for publicly traded companies, no matter what industry
In response to the complexities, overlaps and importance of these regulations, even small to mid-sized manufacturers are increasingly contracting with third parties as a best practice to ensure compliance. Managed service providers such as Digital6 Technologies are experienced in assessing your risks, helping you develop a data protection strategy and recommending the best tools for compliance in securing your business data.