Data Breach Response 

COHEN Business Law Group
Internet Business Lawyers Since 1999

PRIVACY AND DATA SECURITY COUNSEL FOR OVER TWO DECADES

Activate Your Response Team and Secure Your Content

Having a data breach plan in place prior to learning of any incident is key to a successful response. Once you have a plan that is polished, practiced and updated as your business grows and changes is the only way to meet the standard of care expected by your customers. Contact Us for assistance in developing an effective response plan.
Even without a plan in place, all is not lost. The first step after determining that there has been any disclosure of Personally Identifiable Information (PII) is to immediately prevent any further disclosure. Best practices involve the assembly of your response team which should include technical, operational, legal, marketing and management representatives. Consensus should be reached among the members of this team that your content is secure before any further action is taken.
The immediate involvement of experienced Internet and Privacy counsel is the best way to help protect the communications between your team members which must be free to frankly, honestly and openly communicate as to the nature and extent of your disclosure. 

Remove and Repair Vulnerabilities

The next step is to dive into your systems and code with the assistance of your operations and technology team members as well as any outside vendors that you may have in order to isolate, remove and repair any code injections, outdated code or unpatched plugins or templates.
Having relationships with experienced forensic experts to double-check your team is an excellent way to ensure that your customer's. data has been properly protected from all perspectives. Establishing these relationships is important to an effective and efficient response plan implementation.  
Your legal representative will help ensure that your team properly retains copies of all versions in order to establish exactly what occurred, when and how. Prudent companies will keep careful records of any and all changes made. 
  • Examine
  • Patch
  • Protect
  • Preserve

Determine Your Disclosure Requirements and Disclose

Each instance of a potential data breach is different and may or may not require consumer or attorney general disclosure depending upon the nature of the breach and the home state of any effected consumers. It is also important to consider the nature of the data potentially disclosed.
In some instances, the conclusion may be that no disclosure is necessary at all and in others there may be a requirement to disclose the disclosure to the effected consumers and multiple attorneys general.
Only with a comprehensive legal evaluation of your particular circumstances can you be sure of the nature and extent of any necessary disclosure. The content of your notice will depend upon the nature of your disclosure and the data disclosed. You may have different disclosure requirements for different customer groups.

Evaluate Further Preventative Measures

Not only is it crucial to correct existing vulnerabilities and code injections but it is also imperative to consider what can be done to help reduce the likelihood of any such data breach in the future. This analysis requires an examination of your internal and external technologies, privacy policies and privacy practices.
Not only is it crucial to correct existing vulnerabilities and code injections but it is also imperative to consider what can be done to help reduce the likelihood of any such data breach in the future. This analysis requires an examination of your internal and external technologies, privacy policies and privacy practices.
Speak with your response team and each employee or contractor that has any knowledge of the incident to learn as much as possible about the cause, effect and suggested solutions they may suggest. Remain open to creative and innovative solutions.

Top Data Breach
Risk Factors

Tell Me More about
A Data Breach Plan
I need a Privacy Policy and
Privacy Practice Evaluation
I need to speak with you
about a possible data breach

Interested in more information?
Register For Free Access