The security of records and information may be necessary in some situations to comply with statutes, regulations, or contract or licensing agreements. These legal remedies serve to protect the rights of the information owners by defining the obligations of those people in possession of certain records and information. Failure of an information owner to make a reasonable effort to protect the information will not only jeopardize the secrecy of the information, but may also result in a loss of rights to protection under the law. The information owner may find itself unable to prosecute violations or to collect damages from those violations. As the owner of a business you are required to maintain certain information and make such information available to the authorities. An experienced Grantsville, Utah corporate lawyer can advise you on your duties on the security of information retained by your company.
Laws and Regulations
A number of laws and regulations exist that protect the rights of information owners, define information security requirements, and spell out obligations of those in the possession of others’ intellectual properties. The SEC and other regulatory bodies, such as those governing public utilities and financial institutions, require organizations under their jurisdiction to have a disaster recovery plan, which includes protection of records from disaster. The principle of attorney-client privilege, computer security statutes, and SEC regulations relate to the unauthorized disclosure of information. Specific to intellectual properties are patent, copyright, trade secret, and other laws.
Patent rights and protection laws affect patent owners as well as those in possession of others’ patent information. A company can effectively invalidate its own patent when it does not have adequate information security procedures in place prior to filing the patent application. Any and all patent documentation is essential for an owner to defend against a potential challenge. It is a good idea to notarize sketches and notes of concepts in the early development stage to establish when an idea was conceived.
A business may use copyright to protect its own work products, and it has an obligation to observe copyright protection of others’ copyrighted property. Copy right violations may exist when approval or special arrangement with the owner is not obtained to duplicate another party’s materials for use in training programs, to distribute copies of software for use on a number of personal computers, or to allow copies to be taken home for personal use.
Software developers turn to protection in the form of both patent and copyright laws. A software buyer is licensed to use the software under the manufacturer’s terms and conditions, which usually prohibit modification, copying, and transfer of the program. Licensing agreements may vary regarding installation of a software package on both an office and home computer or installation on both a desktop and laptop computer. The law makes no distinction between copying for sale or for free distribution, and software copyright owners now have the right to prohibit rental, lending, or leasing of their software. Unauthorized duplication of software is a federal offense under copyright law, with a possible fine of up to $50,000 and up to five years in prison.
There are a number of federal and state laws and regulations in effect to control the collection, maintenance, use, and dissemination of customer and employee information. Unauthorized disclosure of such information may result in personal injury lawsuits and violation of a law. Customer records may be protected by privacy laws, any statutes applicable to proprietary information, and any government record-keeping regulations specific to an industry, such as financial services and communications. Collective bargaining agreements and federal and state laws may determine employee record-keeping requirements.
Contracts and Agreements
Contracts and agreements with other parties serve to protect the rights of the information owner and to determine obligations of those in possession of the information. Contracts with an outside party for services or a product may contain a confidentiality clause to prevent indiscriminate disclosure of certain information. Separate nondisclosure or confidentiality agreements are frequently used for employees, contractors, and suppliers.
Records that are created or maintained for others as a result of a contractual agreement remain the property of the contracting party. This custodial responsibility includes proper handling of records to comply with existing privacy statutes, other applicable laws and regulations, and any stipulated contractual obligations.
Government contractors must comply with employment, privacy, and classified information laws and procedures. Any federal contractor is subject to a large number of requirements regarding the creation of records, record forms and their technical requirements, record retention, and information access procedures. A firm doing business with the Pentagon, the Department of Agriculture, or the FCC is most likely to encounter government classified information to be restricted to those with both a need to know and the proper government clearance. Nondisclosure agreements bind the recipient of private, proprietary, or classified information to hold that information in confidence. These agreements usually define:
• what information is being provided–it must in fact be sensitive or valuable for enforceability of the agreement
• the intended and appropriate uses of the information
• the terms and conditions for use of information
• restrictions on further disclosure
• how to dispose of any records at the end of employment or the contract
An executed nondisclosure agreement is important as both a deterrent and as a means to enforce any violations.
Records and Information
The compromise or loss of information cannot be prevented solely by laws and agreements. Nor is it always possible to prosecute and recover damages after such an event. To protect its sensitive and valuable information and to preserve its legal rights, a business must make reasonable efforts to protect its information, including:
• confidentiality agreements
• clear identification of the information
• appropriate storage of the information
• communication of protection and access procedures
• other protective measures, such as facility modifications
Government Contractors
If your business in Grantsville, Utah is dealing with government departments, consult and experienced corporate lawyer. Government contractors must comply with employment, privacy, and classified information laws and procedures. Any federal contractor is subject to a large number of requirements regarding the creation of records, record forms and their technical requirements, record retention, and information access procedures. A firm doing business with the Pentagon, the Department of Agriculture, or the FCC is most likely to encounter government classified information to be restricted to those with both a need to know and the proper government clearance. Nondisclosure agreements bind the recipient of private, proprietary, or classified information to hold that information in confidence. These agreements usually define:
• what information is being provided–it must in fact be sensitive or valuable for enforceability of the agreement
• the intended and appropriate uses of the information
• the terms and conditions for use of information
• restrictions on further disclosure
• how to dispose of any records at the end of employment or the contract
• An executed nondisclosure agreement is important as both a deterrent and as a means to enforce any violations.
Screening Employees
Depending on the nature of a job, a company might consider screening of job applicants and nondisclosure agreements for new hires. Employment screening to help assess potential security risks occasionally is as extensive as federal government security clearances for classified information. The legal department should retain employee nondisclosure agreements, or at least keep a list of the agreements if they are stored elsewhere, for reference if a complaint is fried or in the event of an alleged breach of agreement. A confidentiality agreement is the first formal step toward educating employees on information security. From the point of hire and the orientation period through termination, employees should continuously be made aware of the value of records and information as company assets. Even the best security plan is useless if it is not understood or enforced. By raising information-security consciousness, a business reduces the risks of inadvertent information disclosure. Sensitive and valuable information must be clearly marked in a consistent manner, and employees need to be trained to recognize such records. Employee responsibilities regarding the receipt, handling, and usage of the company’s or others’ proprietary information in the course of business-related duties should be clarified in orientation sessions, security briefings, and training sessions targeting specific user groups. The potential for employee sabotage cannot be completely eliminated, but an organization can implement deterrents, and the means to prosecute and recover damages. A confidentiality agreement and company policy may state that compliance with information security policies and practices is a condition of employment, and that failure to comply may result in appropriate disciplinary action, up to and including dismissal. Any loss, compromise, or suspected compromise of information should be referred to a security, auditing, data processing, or other appropriate group or individual for investigation and follow-up. Information security policies and practices should be monitored and documented regularly. Documentation helps preserve the right to prosecute the theft of information by showing that:
• the information was in fact in need of protection
• reasonable measures were taken to protect the information, including employee training activities and facility security measures
• the access was unauthorized
Employee responsibilities for information security do not always end with employment termination. In fact, post termination often is the time of greatest risk to information security from an employee. The termination process may include steps to ensure that all records and information in the employee’s possession are returned and that future access is denied. An exit interview may reaffirm employee agreements and even provide a new statement for signature that confirms the return of all proprietary documents, work products, access cards, ID badges, keys, and other assets. Computer system passwords should be deleted or changed immediately. When an employee leaves to work for a competitor, some businesses have their legal counsel send a letter to the competitor as notification of the employee’s obligation not to disclose any confidential information that may have been acquired during employment.
Proper Destruction
The creators and users of sensitive or valuable records also frequently have the responsibility for their destruction. A records retention schedule is the formal authority for when records are to be destroyed according to legal and business requirements. A comprehensive retention schedule will also specify the disposition of outdated and superseded records, drafts, notes, and poor copies when they are no longer needed. The proliferation of photocopiers, computers, and optical disks makes it more difficult to ensure that all copies are disposed of at the proper time. The retention schedule must be applied to records in all media: paper, film, electronic, magnetic, optical disk, audio and video cassette, photo, slide, transparency, carbon ribbon, metal offset plates, and so on.
Proper disposition at the end of a sensitive or valuable record’s life usually requires obliteration of the contents through mutilation or erasure. This type of destruction is an important substitute for tossing paper and microfilm records into the trash, where they become part of the public domain and accessible to the competition, computer hackers, and others. Erasure is used most frequently for dictation, audio, and video tapes, as well as electronic and magnetic media.
Information released to others
There are occasions when it is appropriate or necessary to release valuable or sensitive information to suppliers, customers, other businesses, the litigants, the government, and other parties. A business will need to show due care when releasing information for such legitimate purposes.
Handling Requests for Information
After a company’s sensitive and valuable information has been clearly identified and marked, new considerations come into play in the determination of when disclosure is appropriate and what protective measures need to be taken if the information is released. Clear guidelines are needed for proper information disclosure practices. Information releases may be initiated by:
• the company
• requests from others
• legal and statutory obligations to provide information
Disclosure of valuable and sensitive information normally is accompanied by appropriate restrictions to protect the best interests of the company. Just as a nondisclosure agreement is common for company insiders (employees, temporaries, and consultants), so is it also used when information is shared with outsiders (government agencies, suppliers, manufacturers, and other parties). When sensitive information is provided orally, there should be a written confirmation to the recipient to reaffirm that the information is sensitive and governed by a signed confidentiality agreement
As an owner of a business in Grantsville, Utah you have certain responsibilities for information protection. Seek the assistance of an experienced corporate lawyer.
Grantsville Utah Business Lawyer Free Consultation
When your corporation or LLC needs legal help, please call Ascent Law for your free consultation (801) 676-5506. We want to help you.
8833 S. Redwood Road, Suite C
West Jordan, Utah
84088 United States
Telephone: (801) 676-5506
Recent Posts
Utah Divorce Lawyer on Divorce in Utah
Call a West Jordan Car Accident Lawyer
Things You Need To Know About Prenups
Is It Illegal To Withdraw Money From A Deceased Person’s Account?
Ascent Law LLC St. George Utah Office
Ascent Law LLC Ogden Utah Office
Grantsville, Utah
Grantsville, Utah
|
|
---|---|
Coordinates: 40°35′45″N 112°27′55″WCoordinates: 40°35′45″N 112°27′55″W | |
Country | United States |
State | Utah |
County | Tooele |
Settled | 1848 |
Named for | George D. Grant |
Area | |
• Total | 37.59 sq mi (97.36 km2) |
• Land | 37.47 sq mi (97.05 km2) |
• Water | 0.12 sq mi (0.30 km2) |
Elevation
|
4,304 ft (1,312 m) |
Population
(2010)
|
|
• Total | 8,893 |
• Estimate
(2019)[2]
|
12,064 |
• Density | 321.95/sq mi (124.31/km2) |
Time zone | UTC-7 (Mountain (MST)) |
• Summer (DST) | UTC-6 (MDT) |
ZIP code |
84029
|
Area code | 435 |
FIPS code | 49-31120[3] |
GNIS feature ID | 1428338[4] |
Website | Official website |
Grantsville is the second most populous city in Tooele County, Utah, United States. It is part of the Salt Lake City, Utah Metropolitan Statistical Area. The population was 8,893 at the 2010 census. The city has grown slowly and steadily throughout most of its existence, but rapid increases in growth occurred during the 1970s and 1990s. Recent rapid growth has been attributed to the nearby Deseret Peak recreational center, the Utah Motorsports Campus raceway, and the newly built Wal-Mart distribution center located just outside the city. It is quickly becoming a bedroom community for commuters into the Salt Lake Valley.
[geocentric_weather id=”175ee448-30ce-41e7-9c8f-5aeede6f3372″]
[geocentric_about id=”175ee448-30ce-41e7-9c8f-5aeede6f3372″]
[geocentric_neighborhoods id=”175ee448-30ce-41e7-9c8f-5aeede6f3372″]
[geocentric_thingstodo id=”175ee448-30ce-41e7-9c8f-5aeede6f3372″]
[geocentric_busstops id=”175ee448-30ce-41e7-9c8f-5aeede6f3372″]
[geocentric_mapembed id=”175ee448-30ce-41e7-9c8f-5aeede6f3372″]
[geocentric_drivingdirections id=”175ee448-30ce-41e7-9c8f-5aeede6f3372″]
[geocentric_reviews id=”175ee448-30ce-41e7-9c8f-5aeede6f3372″]