Be Prepared: Creating a Data Breach Response Plan
The first half of 2014 has been filled with companies facing data breaches across various industries. These occurrences have affected both large and small companies.
With so many recent incidences, organizations should have advance planning in case breaches do occur. A recent article by Peter Sanborn has outlined a guideline for organizations to follow when they learn of an actual or suspected security or data breach. The following are elements organization should consider:
- Response team members and their contact info
- Procedures for analyzing and containing a potential security data breach
- A communication plan that encompasses all stake holders including customers, shareholders and regulators
- Execution plan for notifying affected individuals
- Remediation measures to be taken following a data breach
- External resources and contacts including legal, communications, IT security/forensics and credit monitoring service providers.
- Credit bureau information
- Insurance information
Along with these elements come questions that an organization should be asking themselves. One of the key questions is “what kind of personal information do we collect and from whom?” For more information on a data breach response plans please read Peter Sanborn's article.
HUB International TECHNOLOGY
HUB International TECHNOLOGY is based in Vancouver and focuses on insuring and protecting public and private companies in the technology sector. We offer Risk Management and Loss Control strategies, placing General Liability, Property, Business Interruption, Cyber Liability, along with other coverages for all types of technology companies, including E-Commerce.
 Peter, Sanborn. "Key Questions To Ask When Preparing A Data Breach Response Plan (Part I)." Advisen. Advisen, 16 May 2014. Web. 26 Jun 2014. http://www.lexology.com/library/detail.aspx?g=49e4cbdc-a6dd-40df-bd1d-ff5b953de849