Privacy and information security rules and regulations are changing monthly. Whether you are aware of it or not, privacy protection and information security have become business imperatives. Do you know what your legal obligations are to your customers, prospects, associates, vendors, and employees? Have you fully covered your assets?

Today's maze of enacted laws, pending legislation and best management practices related to privacy and information security issues is enough to make even the most savvy business person's head spin. Did you know that there are different laws being written in several states and in Congress on these subjects? Are you tracking them to make sure you know if, and how, they will affect your business and adapting your business model accordingly?

To help take the complexities out of fair information practices and data compliance issues and let your business focus on your business, not pages upon pages of compliance and regulatory drafts that may or may not apply to your business process, here is a handy dandy privacy and information security checklist.

Have you:

• Posted an on-line privacy policy and an off-line privacy policy?
• Placed an opt-out option on all commercial email communications and honored each request?
• Analyzed internal policies and procedures from the security, privacy and employment law perspectives?
• Reviewed contracts with customers, subscribers/members and third party vendors in relation to these issues?
• Reviewed association or MLS rules and regulations to include these concepts?
• Conducted federal and state legislative analyses of liability specific to the information you maintain?
• Begun monitoring pending legislation that will impact your business?
• Completed a thorough information security audit? (Note: The audit includes a review of: 1) hardware; 2) software; 3) passwords; 4) third party vendor software and systems; 5) protection from unauthorized access; 6) vulnerability to outside and internal attack; and 7) monitoring and security issues.)

If you checked off all of the boxes above, you are a visionary who sees the waves of change arriving and knows how to surf them. If you are still missing some check marks, be sure to put those into your budget because your exposure to liability is great, fines and lawsuits are on the rise and substantial. There is no quick fix to a public relations disaster. Don't get caught up in a guessing game with your business- no matter how large or how small -- cover your assets!

Darity Wesley is CEO and Legal Counsel for Privacy Solutions, Inc. a San Diego based consulting firm. Her team of Privacy Gurus® work with you to create policies and procedures to establish the expectation of privacy for your members, clients, customers, prospects, affiliates, associates, employees and vendors. You can reach her at (619)670-9462 or Darity@privacygurus.com