FTC compliance: it may be new but it’s not going away. There are many moving pieces when it comes to staying in the FTC’s good graces. To make it less stressful, here’s a handy checklist to print and keep at your desk!
By the one-year anniversary of the Safeguards Rule (June ninth):
- Complete Incident Response plan
- Complete Risk Assessment
- Address Risk Assessment findings
- Push for 100 percent security training completion
- Verify encryption on any file shares or storage locations
- Ensure MFA is enabled on email and your DMS
Ongoing tasks to remain compliant:
- Review access to customer data monthly
- Review training status monthly
- Review and update device inventory semi-annually
- Review vulnerability assessments semi-annually
- Review incident response policies annually
- Review Incident Response plan annually
- Review service providers annually
- Update/replace end-of-life devices as needed
We hope this list will help you track all of your requirements. Some providers might do the heavy lifting for you by taking on a few of these tasks. It’s always best to ask about what they may be able to take off your plate. Staying informed is key in the world of FTC regulations.
Subscribing to our newsletter will give you access to tools and updates like these regularly!