New privacy laws are sweeping the nation and they are tough. One requirement is that companies ensure that any sensitive and personally-identifiable information transported on mobile devices or technologies be encrypted. This means that laptops, cell phones, flash drives and backup tapes must be encrypted. How many companies are doing that? How many even know what sensitive information is on mobile devices?

Many of the new laws also spell out requirements regarding how such information can be communicated (email is a problem). How many companies know what sensitive information is being sent outside the company?

We can identify the likely record types on a privacy data map and provide benchmarking for about a dozen specific industries. For companies in those industries, these standards are the best and fastest way to zero in on the most probable points of failure (and legal liability). For other industries, it’s time for some serious fact gathering.

Privacy laws were serious, are getting more serious and will continue to do so. There is simply no avoiding them. But once the situation is clearly assessed, most of the risks will vanish. Who doesn’t want to accomplish that?