Example privacy breach response plan

Too few organizations are prepared to respond to a privacy breach when it happens. Too many naively believe a privacy breach will not happen to them.
It is helpful to look at existing privacy breach notice plans when creating your own. The U.S. government agencies actually provide some good plans you can use as examples.

The U.S. “Department of Commerce Data Breach Notification Response Plan,” dated September 27, 2007, includes information on designating positions at the departmental, agency and smaller organization levels to have responsibility for making decisions regarding the privacy breachnotification process.
The plan also discusses and outlines how notice of a privacy breach should be transmitted to other government organizations outside the department, such as the Homeland Security Department’s U.S. Computer Emergency Response Team (US-CERT).
Check it out.

Tags: , , , , , , , , , , ,

Leave a Reply