Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends
Posted in Cybersecurity & Data Breaches

Tips on Dealing with the Aftermath of a Data Breach

Data security breaches remain a major risk for any company or entity that handles personal information.  The costs of a breach and harm to reputation can be significant.

At the IAPP Privacy Academy in Boston on September 18, I moderated a session on dealing with the aftermath of a data breach.  I was fortunate to have an expert panel — Chris Cwalina, Vice President, Associate General Counsel, Intersections Inc. and Carol DiBarriste, SVP Privacy, Security, Compliance and Government Affairs, LexisNexis Group. You can view a copy of our Powerpoint presentation.

There is useful information in the slide deck including information on the current legislative landscape — note the analysis of currently-pending HR 2221 and a review of recent state laws, as well as some points on the variations in the requirements of breach notification laws. 

Fundamentally, you will find helpful tips on what to do in the aftermath of a breach, and how to take steps in advance of a breach to minimize the risks.

The session in Boston concluded with a recommendation that companies conduct an assessment of how they are collecting, using, sharing, storing, securing, and disposing of personal data — for only by understanding how data is handled can the risk of a breach (and its expensive effects) truly be avoided.  Hogan & Hartson regularly conducts such risk management assessments for our clients, which often results in recommendations on how to close the "gaps" — how to improve policies, practices, training and auditing.