Experian® Data Breach Resolution releases its 2013–2014 Response Guide
The updated edition highlights the HIPAA Omnibus Rule, new state notification laws and more
Costa Mesa, Calif., September 12, 2013 — Despite the increasing awareness around the rise in data breaches and potential damage, not all organizations are taking the necessary steps to mitigate the fallout from a cyberattack. According to a 2013 Experian Data Breach Resolution and Ponemon Institute study, Is Your Company Ready for a Big Data Breach?, nearly 40 percent of companies that experienced a breach say they have not developed a formal preparedness plan even after the incident. To help businesses and institutions get started, Experian Data Breach Resolution has released its updated 2013–2014 Data Breach Response Guide.
An excellent tool for any organization looking to develop a data breach response plan, the content is appropriate for professionals handling security, risk and compliance, as well as senior leadership and executives responsible for business continuity. It contains information on how to create a plan and what to do during the crucial first 24 hours of a breach. The guide also addresses how to notify customers, patients or employees and work with a data breach resolution partner. Additional content in the guide provides recent information on the HIPAA Omnibus Rule and a snapshot of upcoming federal legislation on breach notification laws.
The guide can be downloaded for free at http://www.experian.com/responseguide.
“A company of any size, across industries, can fall victim to a data breach, and it is never too soon to prepare a plan,” said Michael Bruemmer, vice president at Experian Data Breach Resolution. “This guide is a valuable resource that will help organizations assess their levels of preparedness and understand the required steps to take in managing a data breach.”
The 30-plus-page handbook includes practical checklists and forms. It also outlines many key steps to begin a data breach preparedness plan:
• Identify an incident response team lead:
Start by selecting your incident lead. Think of someone from an internal or external legal department or a chief privacy officer. Your incident lead should be able to manage and coordinate the company’s overall response efforts and team and act as an intermediary between C-level executives and other team members to report progress and problems.
• Select the right people for the right roles:
Determine who is on the response team and what their role would be in the wake of a breach. Include individuals from departments across the organization such as legal, human resources, marketing, compliance and information technology to ensure the appropriate stakeholders are at the table. Include the company’s key decision makers as advisers to your data breach response team to help ensure you have the needed leadership, backing and resources to properly develop and test your plan.
• Conduct preparedness training:
In addition to a company-wide focus on data security and breach preparedness, department-specific training should trickle down from the data breach response team. Each member of the team has a unique responsibility to apply prevention and preparedness best practices to his or her own department.
For additional data breach resources, including Webinars, white papers, videos and more, visit http://www.experian.com/databreach.
Read Experian’s blog at http://www.experian.com/dbblog.
Contacts:
Tara Mulcahy
Edelman
1 206 268 2212
tara.mulcahy@edelman.com
Sandra A. Bernardo, APR
Experian Data Breach Resolution
1 949 567 3676
sandra.bernardo@experianinteractive.com
About Experian Data Breach Resolution
Experian is a leader in the data breach resolution industry and one of the first companies to develop products and services that address this critical issue. As an innovator in the field, Experian has a long-standing history of providing swift and effective data breach resolution for thousands of organizations, having serviced millions of affected consumers. For more information on the Experian Data Breach Resolution division at ConsumerInfo.com, Inc. and how it enables organizations to plan for and successfully mitigate data breach incidents, visit http://www.experian.com/databreach.
About Experian
Experian is the leading global information services company, providing data and analytical tools to clients around the world. The Group helps businesses to manage credit risk, prevent fraud, target marketing offers and automate decision making. Experian also helps individuals to check their credit report and credit score, and protect against identity theft.
Experian plc is listed on the London Stock Exchange (EXPN) and is a constituent of the FTSE 100 index. Total revenue for the year ended March 31, 2013, was US$4.7 billion. Experian employs approximately 17,000 people in 40 countries and has its corporate headquarters in Dublin, Ireland, with operational headquarters in Nottingham, UK; California, US; and São Paulo, Brazil.
For more information, visit http://www.experianplc.com.
Experian and the Experian marks used herein are service marks or registered trademarks of Experian Information Solutions, Inc. Other product and company names mentioned herein are the property of their respective owners.