The security measures clause of the Privacy Policy will set out the types of security measures the company has in place to protect the personal information. Note that the clause should accurately list the measures actually taken by the company. Certain industries may be subject to laws with respect to security standards (e.g. banking, financial, insurance, health and medical, education). If the site/app deals with these types of information, the Privacy Policy will specify that the company complies with the required regulations. Most security clauses will contain a disclaimer about the inherent insecurity of information transmitted over the internet, and place the risk of such transmission on the user.