FIPA – Florida Information Protection Act

What is FIPA?

The Florida Information Protection Act, also known as FIPA is a compliance law that states that certain measures have to be taken to protect PII (Personally Identifiable Information) and this act also contains language concerning notifying the authorities when such a breach has occurred. Significant penalties may be assessed for non-compliance.

Who must comply with FIPA law

Commercial or government entities that acquire, maintain, store or use PII (personally identifiable information) of individuals in Florida are defined as covered entities under FIPA. Even for entities located outside the state, this law applies if they have data about individuals who are based in the state. 

Our services for FIPA compliance

As part of the overall security risk assessment process, we would identify if our clients need to comply with FIPA law. Our services that consider FIPA compliance as part of our assessments and documentation include:

  • Security Risk Assessment (NIST CSF or ISO/IEC 27001 based)
  • FIPA assessment and compliance
  • Information security program improvement
  • Creation of policies and procedures
  • Security Awareness training