Jonathan Frost, Business Lawyer

© Copyright 2019 by Jonathan Frost

© Copyright 2019 by Jonathan Frost

1990 N California Blvd 8th Floor

Walnut Creek, CA 94596

(415) 955-1935

  • White LinkedIn Icon
  • White Facebook Icon
Search
  • Jonathan Frost

Privacy Policies Overview


Privacy Notices

The notice posted on a business’s website or place of business which typically states:

  1. What information is being collected

  2. How the information is being used

  3. How the information is being protected

  4. How the consumer can access, remove, or request that the information not be collected

Data Mapping

Data Mapping is the internal information practice of cataloging:

  1. What data is being collected and from whom

  2. How sensitive the data is

  3. How the data flows within the organization

  4. Who has access and who is responsible for the information

Security Procedures

Security procedures come in a number of varieties, but should be reasonable given current security standards, taking into account the sensitivity of the information. For instance, a court could hold that reasonable procedures with respect to medical history are greater than reasonable procedures as applied to storage of names and IP addresses.


Breach Plan

An information security aphorism is “there are two types of companies, those who have been hacked and those who don’t know they’ve been hacked”. All fifty states, with California leading the way, now require companies who have released customer data as a result of a security breach to disclose the breach to their customers.


White JF Logo_2x.png