Breach Response
Mistakes happen, and no process is perfect. If you deal with volumes of information, you probably have had a privacy breach.
If you just had a privacy breach and need emergency help, please contact me immediately.
There are two kinds of privacy programs: those that have experienced privacy breaches and those that have not yet experienced privacy breaches. It's more likely that the second category should be called organisations that have had privacy breaches, but are not yet aware of it. Mistakes happen, and no process is perfect. If you deal with volumes of information, you probably have had a privacy breach. You don't lose customers if you have a breach. You lose customers if you don't handle a breach properly.
Some questions that need to be answered are:
People:
- Are you confident that your staff can identify a privacy breach?
- Are you confident that your staff will escalate a privacy concern promptly?
Process:
- Do you have an incident response or breach management plan?
- Do you have an awareness & training program?
Technology:
- Are you confident that your systems can identify breaches when they happen?
- Do your systems log the appropriate events?
Once you understand that privacy breaches are an operational reality to be managed, rather than a crisis to panic about, building appropriate safeguards, alerts, training, and documentation becomes a much more straightforward proposition - and one that I can help you with.