Data Breach Notification Policy
Lincoln Square Coaching LLC ("we", "us", or "our") is committed to protecting the confidentiality and security of our clients' personal information. In the event of a data breach that compromises the security or confidentiality of personal information, we will take the following steps:
Investigation: We will promptly investigate any suspected or confirmed data breach to determine the nature and scope of the incident.
Notification:
Affected Individuals: We will notify affected individuals without unreasonable delay but no later than 60 days after the discovery of the breach. This notification will include a description of the incident, the types of information involved, and the steps we are taking to mitigate the harm.
Regulatory Authorities: We will notify relevant regulatory authorities, as required by law, within the specified timeframes.
Mitigation: We will take reasonable steps to mitigate the potential harm caused by the breach. This may include providing credit monitoring services, identity theft protection, or other forms of assistance to affected individuals.
Documentation: We will maintain records of all data breaches, including the details of the incident, the steps taken to investigate and mitigate the breach, and any lessons learned to prevent future incidents.
Review and Improvement: We will regularly review and update this policy to ensure its effectiveness and compliance with applicable laws and regulations.
Information Security Practices
Lincoln Square Coaching LLC is committed to protecting the confidentiality, integrity, and availability of our clients' personal information. We have implemented the following security measures to safeguard this information:
Physical Security: We maintain physical security measures to protect our facilities and equipment from unauthorized access, damage, or theft.
Technical Safeguards: We employ technical safeguards such as firewalls, intrusion detection systems, encryption, and access controls to protect our computer systems and networks from unauthorized access or misuse.
Administrative Safeguards: We have established administrative procedures and policies to manage access to sensitive information, train employees on security best practices, and ensure compliance with applicable laws and regulations.
Risk Assessment: We regularly assess our information security risks and take steps to mitigate those risks, such as implementing additional security measures or updating our policies and procedures.
Incident Response: We have an incident response plan in place to address security incidents promptly and effectively. This plan includes procedures for reporting, investigating, and mitigating security incidents.
Employee Training: We provide regular training to our employees on information security best practices, including how to recognize and report security threats.
Vendor Management: We carefully select and manage vendors who handle our client information, ensuring that they have adequate security measures in place.
Policy Review: We regularly review and update this policy to ensure its effectiveness and compliance with applicable laws and regulations.
Reporting Security Incidents:
If you suspect a security incident, please report it immediately to Joseph Amodeo at [email protected]. By implementing these security measures and policies, we strive to maintain the trust and confidence of our clients and protect their personal information from unauthorized access, disclosure, alteration, or destruction.