Creating an effective data breach management plan to reduce risk

According to a recent ACC survey, 70% of CLOs rate protection of corporate data and managing data breaches as an extremely or very important issue to address over the next 12 months. What’s more, 27% had experienced a data breach at their organisations within the past two years, up from 23% in the previous year’s survey. Of course, with an increased likelihood of data breaches comes an increased workload and need for budgets and resources, which is not always easy to obtain. It’s no wonder nearly 50% of general counsel say planning for cybersecurity incidents and responding to breaches is now a part of their job.

Yet despite the perceived importance, CLOs and GCs still struggle to manage data privacy and security concerns before they become a crisis. And waiting to react to a data breach involving confidential information is often too late, putting the entire organisation at risk. In a previous post we addressed the growing role of the GC in preventing data breaches.

This post looks at developing a plan to manage the consequences should a breach ever occur, although we certainly hope no GC finds themself in this position.

Data Breach Management Plan

Knowing where your company’s vulnerabilities lie and putting preventive measures in place can help you reduce the risk of them happening in the first place. However, in the event of a breach, effective data breach management is critical in helping minimise the impact and preventing a reoccurrence.  We recommend establishing an internal procedure covering the following main steps:

Data protection can be a daunting task for the General Counsel – or IT manager for that matter – and no one should feel the burden of responsibility solely on their shoulders. That’s why it is important to implement tools that designed to help manage the risks and relieve some of the obligations.

For more details on the types of risks threatening a data breach in your company and exactly how to minimise them with technology then download our latest whitepaper, “Best Practices for Preventing a Data Breach & Avoiding Liability”. In it you will also find more information on the key elements of a data breach management plan. Remember, it’s about identifying vulnerabilities, mitigating the risk and ultimately preventing liability, but also having robust plan in place so you are ready to act if your data security ever becomes compromised.