Published in Ethikos, The Journal of Practical Business Ethics

November 2017

https://www.everlaw.com/wp-content/uploads/2017/11/2017-06-nov-dec-ethikos-hawke.pdf

Most organizations are operating in a

grey area where regulatory requirements may not exist, and contracts require “reasonable and appropriate” measures to protect data. What does this mean, and how can organizations achieve “reasonable” security measures?

Follow me on Twitter @ldhawke