Subscribe to LexTalk to stay on top of today’s legal issue and trends.
Catapult Your Career |
Industry Insights & Trends |
Product Training & Tips
When a data breach occurs, the reaction must be swift and comprehensive. Stolen information may contain highly confidential personally identifiable information, protected health information, cardholder data or a business’s trade secrets and proprietary information.
Elizabeth C. Rogers, Shareholder in Greenberg Traurig’s Cybersecurity, Privacy and Crisis Management practice group offers these suggestions to help you and your client prepare for and manage a data breach:
The development of a data breach avoidance plan is recommended in order to minimize risk. Such a plan will identify data content and implement management policies and employee training programs, as well as create an incident response team and a 48-hour action plan. A data breach response plan more specifically addresses measures to take in the event of a breach, including the responsibilities of a data breach response team and all obligations that might arise as required by federal or state law, or otherwise. The costs to businesses that suffer a data breach are substantial, and include expenses incurred for detection and notification, economic losses due to loss of customer trust, class action lawsuits, and penalties imposed by regulators. Notification to affected customers must comply with the rules of the states where they live and/or operate.
For complete coverage of how to create a data breach avoidance plan, implement data security safeguards and prepare a data breach response plan, read the complete article in the Lexis Practice Advisor Intellectual Property and Technology module, or on the Lexis Practice Advisor Journal Website.