Privacy Policies & Statutory Obligations
stored client information
Effective September 1, 2018, Colorado Revised Statute § 6-1-713 requires “covered entities” to comply with new rules regarding the security and disposal of “Personal Identifying Information.” Any entity in the course of business, vocation, or occupation that maintains, stores, or processes Personal Identifying Information is a “covered entity” and must comply with the statute. Personal Identifying Information means social security number, personal identification number, password, passcode, a state-issued driver’s license or identification card; passport number, biometric data, employer, student, or military identification number, or financial transaction device.
In keeping with the Colorado Statute, WesternLaw Group has appropriate security procedures to protect personal identifying information, including notification procedures in case of a data breach. Per the statute, WesternLaw Group will notify individuals no later than thirty (30) days after the determination of a breach. In addition, WesternLaw Group will notify the Colorado Attorney General of the breach, without unreasonable delay, and conduct a good faith investigation to as to cause of the breach.