How an organization communicates in the wake of a major breach incident can play an important role in maintaining the organization's reputation and minimizing the financial impact.
But how can your organization avoid mismanaging post-breach communication and potentially wasting millions of dollars?
Join us for this webinar, featuring an attorney who advises clients on breach resolution and other security matters, who will:
Discuss how to prepare a breach response plan, including a communication strategy;
Review the do's and don't's of post-breach communication, outlining best practices;
Offer insights on when to hire and how to select a breach resolution or public relations firm.
Making the quick communication decisions needed to mitigate the potential harm of a data breach is challenging. Too many organizations in all business sectors mismanage data breach response efforts, making decisions without complete knowledge and lacking a clear and forthright message.
Recent breach responses provide examples of the how confusing, inconsistent post-breach communication can do more harm than good. Examples include: Sony's announcement that it had initially underestimated the number of consumers affected by a breach; Hannaford's use of a single notice letter to 4.2 million consumers even though only 1,800 individuals had fraudulent charges; and the inconsistencies between the information released by Global Payments about its breach and the updates on the incident provided by VISA.
The failure to prepare proactively for a data breach can magnify the damage caused by the incident. A poorly handled breach can result in negative press, lost revenue, expensive mitigation costs and time-consuming and distracting litigation.
Carefully planned communication in the wake of a major breach incident can play a major role in maintaining the organization's reputation and minimizing the financial impact of a breach. Good communication also can help mitigate or prevent unnecessary litigation or government investigations.
In this webinar, our speaker, a legal expert who has advised organizations that have experience breaches, will review the essential components of a successful post-breach communication strategy, including:
Preparing proactively for data breaches by conducting compliance and security assessments, designating an internal breach response team, establishing relationships with key vendors and developing breach response communication plans;
Testing a breach response plan, including the communications component;
Providing accurate and timely notice communications by quickly and efficiently collecting the facts to understand the breach, developing methods to identify all relevant audiences, crafting the right message and identifying the best means of communication;
Determining when to hire a breach resolution or public relations firm to help with post-breach communications;
Planning how to inform appropriate regulators, such as state attorneys general, before issuing a breach notice.
Attendees also will learn about how to avoid mistakes, including:
Providing inaccurate or confusing notice communications, including communications that provide a limited, legalistic or formulaic response;
Failing to develop proper remediation and mitigation processes and using a process that frustrates consumers;
Ignoring certain audiences that should be contracted regarding a data breach.
Ron Raether leads the Cybersecurity, Information Governance and Privacy practice and is a partner in the Financial Services Litigation practice group at Troutman Sanders. Ron is known as the interpreter between businesses and information technology, and has assisted companies in navigating federal and state privacy laws for over twenty years. Raether's understanding of technology led him to be involved in legal issues that cross normal law firm boundaries, including experience with data security, data privacy, patent, antitrust, and licensing and contracts. This experience allows Raether to bring a fresh and creative perspective to data compliance issues with the knowledge and historical perspective of an industry veteran.