We use cookies to deliver our online services. Details of the cookies we use and instructions on how to disable them are set out in our Cookies Policy. By using this website you agree to our use of cookies. To close this message click close.

Tips on Dealing with the Aftermath of a Data Breach

19 September 2009

Data security breaches remain a major risk for any company or entity that handles personal information.  The costs of a breach and harm to reputation can be significant.

At the IAPP Privacy Academy in Boston on September 18, I moderated a session on dealing with the aftermath of a data breach.  I was fortunate to have an expert panel -- Chris Cwalina, Vice President, Associate General Counsel, Intersections Inc. and Carol DiBarriste, SVP Privacy, Security, Compliance and Government Affairs, LexisNexis Group. You can view a copy of our Powerpoint presentation.

There is useful information in the slide deck including information on the current legislative landscape -- note the analysis of currently-pending HR 2221 and a review of recent state laws, as well as some points on the variations in the requirements of breach notification laws. 

Fundamentally, you will find helpful tips on what to do in the aftermath of a breach, and how to take steps in advance of a breach to minimize the risks.

The session in Boston concluded with a recommendation that companies conduct an assessment of how they are collecting, using, sharing, storing, securing, and disposing of personal data -- for only by understanding how data is handled can the risk of a breach (and its expensive effects) truly be avoided.  Hogan & Hartson regularly conducts such risk management assessments for our clients, which often results in recommendations on how to close the "gaps" -- how to improve policies, practices, training and auditing.

Cybersecurity in the Health Sector

The health sector is under siege with cybersecurity threats. Some of the largest announced cyber attacks in U.S. history have targeted organizations in the health industry. Regulators have...

02 May 2016
Loading data