Contact Name
Address
Do you collect, store, or process credit card payments?
This includes POS systems, online checkouts, or storing card numbers, even if done through a third party (e.g., Stripe, Square). PCI DSS applies.
Do you collect or store Social Security Numbers (SSNs) for employees or clients?
SSNs are considered highly sensitive PII and are subject to breach notification laws.
Do you keep records with names, addresses, phone numbers, or email addresses of employees or clients?
This type of data is classified as PII (Personally Identifiable Information) and must be protected.
Do you collect driver's license numbers, passport details, or other government-issued IDs?
These are protected identifiers under most state and federal laws.
Do you store or access health records or medical information, including insurance or diagnoses?
If yes, your business may fall under HIPAA compliance.
Are you a healthcare provider, clinic, insurer, or a vendor that works with healthcare data?
Examples include IT support, billing software vendors, or consultants handling medical information.
Do you store or manage student records such as grades, attendance, or IEPs?
This may bring your organization under FERPA regulations.
Do you work in finance, accounting, or handle bank account or tax data?
Financial services may be covered by GLBA, IRS requirements, and other regulatory frameworks.
Do you collect personal data such as names, emails, or preferences from individuals outside the U.S.?
This can trigger international privacy laws like GDPR for the EU or equivalents in other countries.
Do you manage or store legal documents, contracts, or other confidential client information?
Legal and professional service firms often must comply with confidentiality and data protection requirements.