There’s a lot of compliance standards in the news these days. GDPR, HIPAA, New York’s Financial Department of Services Regulations that govern not only how you’re supposed to be doing business, but how you are supposed to be keeping customer information secure. What they are, is actually just a whole list of requirements that you need to meet as a business owner for how you’re protecting data, how you are using that data, and how that data is stored after you are done with it. When you have a good compliance program in place, it can actually help you to define what you are doing, to make sure you are meeting those requirements, and that you have those reportable just in case of an audit. So start with a security program, get yourself something written down on paper, make sure you are doing it, and report on it regularly.