When I talk about risk with construction firm owners, the topics immediately go to job safety, workers’ compensation mods, and the ever-increasing need to mitigate injuries.
As we expand our usage of digital technology, we also increase our digital risks – risks that if not addressed could easily cripple a business overnight.
Client Privacy: If you’ve ever been to a doctor, you’ve signed a HIPAA form, informing you of your right to privacy when it comes to your personal and private health care information – life is no different in construction. It’s your responsibility to ensure that your client’s private information is secure and private. That includes the use of email addresses and cell phone numbers especially if you do any type of communication with people in the EU. With the adoption of GDPR (General Data Protection Regulation) in 2018, hefty fines could be levied against you for non-compliance and that includes emailing or calling them without their consent. Proactive measures should be taken so all computers are secure and that includes mobile devices, and all employees should understand the risks.
Online Security & Systems: Speaking of proactive measures, our mantra in the risk management world is “it’s not if a security breach will happen, it’s when.” You absolutely have to assume that someone at some point will try to hack into your systems and steal valuable information. Constantly updating and testing your online security – including using passwords that are beyond difficult to replicate – is key. Don’t forget software updates within your internal systems – many of the updates are to address security issues. Do them regularly and as requested by your software providers. Assign an internal person to oversee your digital security – this person’s role is to not only put systems in place but enforce the protocols with employees. Note: employees are often your biggest risk because they will click on links that aren’t secure, download files they shouldn’t, or release private information over email that potentially can get into the hands of a hacker.
ADA Compliance: Most businesses understand the need for ADA compliant buildings, but many forget the need to be compliant online as well. Increasingly we are seeing lawsuits arise for non-ADA compliant websites – we predict the trend will continue to the point where all websites will need to follow the path. The best solution is to speak with your web provider/designers and have them make the adjustments. For more information visit w3.org – the standard for all website ADA compliance.
What is yours – IP: From patents to copyrighted materials to top-secret intel – protecting intellectual property from being pirated should be at the forefront of your digital risk management processes and procedures. We often see smaller companies, who don’t have the luxury of large legal teams, fall victim to IP theft – once it’s done, it’s hard to recoup as the damage is often crippling. Starting with simple copyright and trademark symbols on your documents is important, but further that protection by talking with your attorney on the next steps for patent filing and registering your trademarks. Unfortunately in this situation, the bigger dogs typically win simply because of the dollars involved.
It’s important that you spend some time with your Risk Management professional to discuss your digital risks so you can develop a solid risk mitigation plan that includes insurance, training, and policies. Remember – it’s not if, it’s when.
Material posted on this website is for informational purposes only and does not constitute a legal opinion or medical advice. Contact your legal representative or medical professional for information specific to your legal or medical needs.