When the storm sirens sounded last year, I scooped up my 4-year-old grandson and headed for our “safe closet.” Have you ever sat in a closet with a 4-year-old with the door closed? I suggest you have a flashlight available, because it’s dark! And keeping a few toys on hand is a good idea because even five minutes in a closet can be frightening for a child.
As you can see, my Emergency Response Plan lacked a few important elements. What about your Emergency Response Plan for your business?
Many businesses owners know what they’ll do during severe weather or in a fire, but few are prepared for a data breach.
When sensitive or confidential data that is in your care falls into the wrong hands, your customers, employees, students, or patients are put at risk for identity theft. Any delay in responding can have harmful effects and increase the potential for lawsuits.
Here are some items you should think about BEFORE a breach occurs:
- Have an up-to-date list of all of your clients’ addresses.
- Know what your federal and state obligations are to your clients.
- Consider a “customer/consumer” focused response rather than a “compliance-only” focused response.
- Speak to vendors in advance that may be able to assist with credit monitoring and fraud alert.
- Have a computer analyst who can immediately be ready to review your systems to determine the nature and extent of the breach.
- Have a plan for handling the increase in calls. Smaller companies may need to consider use of a temporary call center.
- Be prepared to answer questions from upset customers. Responses should be based on what is appropriate given the extent of the breach.
There are coverages available to protect you and your business from the effects of a data breach. Contact your agent for information on these coverages and for some suggestions on how you can protect your business from experiencing a data breach.
So, don’t forget to put a flashlight in your “safe closet” – start preparing your company’s Emergency Response Plan to a data breach right away. And if you have suggestions on how to protect customers’ personal information please share them here!