ASTM International, the international standards development organization, has proposed a cannabis standard for establishing retail cybersecurity protocols. Their D37 cannabis committee is currently working on the development of the standard.
The standard is designed to establish best practices for protecting critical databases in dispensaries, like inventory data, customer and patient information. The guide, developed by subcommittee D37.05, addresses “the company or government organizational need to mitigate the likelihood of cyberattacks and reduce the extent of potential cyberattacks, which can leave sensitive personal data, corporate information, and critical infrastructure vulnerable to attackers,” reads the scope of the project.
Technical Lead for the subcommittee and president of ezGreen Compliance, Michael Coner, says they hope to provide SOPs for retail operations to protect business data while staying compliant. “Cybersecurity is among the most prevailing issues concerning the cannabis industry as well as the global cannabis economy,” says Coner. “Establishing strong cybersecurity protocols for dispensary retail owners will help ensure the protection of data to maintain the integrity of cannabis consumers’ personal information.”
The ASTM committee is currently inviting stakeholders such as retailers and regulators to help with things like “identifying new data security issues that arise while operating active retail dispensary businesses.”