7 Reasons the FTC Could Audit Your Privacy Program

Audits can be expensive, and fines and compensatory actions could mean millions more. Here are the things you should be looking out for.

1 2 Page 2
Page 2 of 2

5. Settlement terms go into effect. The FTC's privacy settlements often include injunctions to stop doing the things at the root of the investigation. Some include penalties, fines and orders to pay restitution to victims. Settlements that include a requirement to establish a privacy and security program and conduct an audit usually allow for a grace period of 180 days. If your company subsequently violates the terms of the settlement, the FTC may seek additional monetary penalties and an injunction in federal court.

Getting investigated by the government for the first time can put a chill through a company. Saverice-Rohan recommends against letting a defensive posture take root.

"Be cooperative and maintain a positive dialogue upon completion of the investigation," she told me.

"When appropriate, engage with the commission and their staff prior to making material changes to your business model or privacy practices that you think may spur scrutiny."

This is advice you can take to the data bank.

Jay Cline is president of Minnesota Privacy Consultants. You can reach him at cwprivacy@computerworld.com. See more by Jay Cline

Read more about privacy in Computerworld's Privacy Topic Center.

This story, "7 Reasons the FTC Could Audit Your Privacy Program" was originally published by Computerworld.

Copyright © 2012 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
Discover what your peers are reading. Sign up for our FREE email newsletters today!