Attention Business Owners! 

HOW TO RESPOND TO A DATA BREACH

We suggest that you take the following steps in the event of a data breach.

1. Notify Senior Management.  A breach of personal data, small or large, is a threat to the reputation and integrity of any organization.  The most senior management of the organization should be immediately made aware of the situation.

2. In Cases of Theft or Fraud, Notify Law Enforcement.  Any breach arising from criminal activity should be reported immediately to the proper law enforcement authorities.

3. Gather Information.

4. Seek Expert Advice.  A reputable breach restoration firm can provide a wealth of information about how best to manage a breach situation.  Most organizations will also want to consult with outside legal counsel.  In some cases, specialists may be needed to investigate the occurrence to determine the nature or extent of the breach.

5. Security.  As you determine the nature and cause of the data breach, take immediate action to reduce or eliminate the possibility of future breaches of a similar kind.  This would be a good time to review all of your data security policies.

6. Draft a Response Plan.  This is the step that many organizations want to do first.  We recommend that you first address Steps 1-5.  At that point, you should have the proper information and advice to make informed decisions about the most appropriate response plan.  In many cases, this will include notification to all individuals whose information was breached, accompanied by an offer of services appropriate to the situation.  However, each case is different.  In some cases, you might determine that the event does not warrant any notification.

7. Implement and Follow Through.  Any plan to notify and offer services should be backed up by a service plan contracted for with a reputable service provider.

Kelly Insurance Agency, Inc. offers protection through our insurance carriers.  Coverage is underwritten by Hartford Steam Boiler.  Please contact Ben Kelly for more details.