dcsimg
Main » TERM » D »

data breach

A data breach, also called a security breach, is the phrase used to describe a security issue where the intentional or unintentional release of information takes place. Usually the information is private, confidential or personal information that was given in trust to the organization.

Why a Data Breach Happens

A data breach may occur for a number of reasons. For example, a data breach could be the result of unauthorized acquisition of personal information through employee negligence (i.e., photocopying) to computer hard drives not properly disposed of, to hackers gaining access to data through an exploit or other malicious attack.

Data Breach Notification Laws

Many countries or individual states/provinces have enacted some type of security and data breach notification law. These laws require government agencies and other organizations that collect personal information (including a name combined with SSN, drivers license or ID, account numbers, etc.,) to notify individuals of security breaches.

The exact requirement for notification laws change between places as well as the legal definition of what constitutes a breach, requirements and timing for notice and exemptions. In general if there is a perceived risk as a result of a data breach, the affected individuals and regulating government bodies should be notified.

Security Checklist

While there are no specific set of rules to follow, most organizations will create a checklist to ensure a swift response to manage and mitigate a breach.

Webopedia Study Guide Section The first step is to create a policy that defines the organization’s definition of a breach, and identify what constitutes a breach, making sure it complies with any legal definitions set forth in your geographical location.

Webopedia Study Guide Section Next, a plan will identify staff responsibilities and outline how to properly keep records of breach reporting and tracking. The plan should identify management support and approval processes and outline employees responsibilities to standardize behavior.

Webopedia Study Guide Section Lastly, organizations will need to have a breach procedure in place, derived from the plan and policy. This standardizes the responsibilities and actions that are part of the response effort and should identify senior management responsible for enacting the procedures.

The data breach procedure is typically reviewed, tested and enacted as part of an organization's overall business continuity and disaster recovery procedure. The related links section below offers additional resources to help businesses create checklists and data breach policies.










LATEST ARTICLES
Texting & Chat Abbreviations

From A3 to ZZZ this guide lists 1,500 text message and online chat abbreviations to help you translate and understand today's texting lingo. Read More »

List of Well-Known TCP Port Numbers

Port numbers 0 to 1024 are reserved for privileged services and designated as well-known ports. This list of port numbers  are specified in... Read More »

STUDY GUIDES
Computer Architecture Study Guide

Computer architecture provides an introduction to system design basics for most computer science students. Read More »

Network Fundamentals Study Guide

Networking fundamentals teaches the building blocks of modern network design. Learn different types of networks, concepts, architecture and... Read More »

The Five Generations of Computers

Learn about each of the five generations of computers and major technology developments that have led to the computing devices that we use... Read More »