Data privacy is one of the areas in which the old adage “prevention is better then cure”, certainly applies. A tiny bit of harmful code posted on your website could cause a huge amount of damage. From a pop-up to a blog compromise of your system, or a stolen session or password. As part of your data security policy you should specify the frequency and manner in which your system is scanned for this kind of malicious code. Also, you should determine what safeguards are in place mitigate the risk.

Update any scripts or software platforms which you use on your website regularly. Hackers aggressively target security flaws in popular web software programs, and a lack of timely updates opens your system up to attack. It is also recommended to restrict access to databases or networks to a minimum number of people required to perform their duties.

Develop a response strategy to address potential breaches, and assign a staff member to manage this process. Depending on the nature of your business, you may require notification of consumers, law enforcement, customers, and credit bureaus. This is a serious issue that should be planned in advance.

Set up strong password requirements and make sure you have a way to store passwords. For example, requiring upper and lowercase characters, numerals and special characters. Additionally, you can use salt and slow hash functions. Avoid storing sensitive information about users. And should you have to, reduce the risk by encryption or deleting the data after a certain time.