In late October, the Federal Trade Commission published a 16-page guidebook called Data Breach Response: A Guide for Business. The guidebook provides general guidance for businesses that have experienced a data breach, focusing on three critical steps: (1) securing systems to prevent additional data loss; (2) working with service providers and computer forensics experts to fix cybersecurity vulnerabilities; and (3) notifying the appropriate parties, including law enforcement agencies, affected businesses and individuals, and any parties required to be notified under applicable federal and state laws. The guidebook also contains a model letter businesses can send to individuals whose personal information may have been compromised. Short on time? Watch the FTC's three-minute video on data breach response here.
- How-to guide How-to guide: How to ensure compliance with the GDPR (UK)
- How-to guide How-to guide: How to deal with a GDPR data breach (UK)
- How-to guide How-to guide: How to deal with an ICO dawn raid (UK)