A data breach, also called a security breach, is the phrase used to describe a security issue where the intentional or unintentional release of information takes place. Usually the information is private, confidential or personal information that was given in trust to the organization.
Why a Data Breach Happens
A data breach may occur for a number of reasons. For example, a data breach could be the result of unauthorized acquisition of personal information through employee negligence (i.e., photocopying) to computer hard drives not properly disposed of, to hackers gaining access to data through an exploit or other malicious attack.
Data Breach Notification Laws
Many countries or individual states/provinces have enacted some type of security and data breach notification law. These laws require government agencies and other organizations that collect personal information (including a name combined with SSN, drivers license or ID, account numbers, etc.,) to notify individuals of security breaches.
The exact requirement for notification laws change between places as well as the legal definition of what constitutes a breach, requirements and timing for notice and exemptions. In general if there is a perceived risk as a result of a data breach, the affected individuals and regulating government bodies should be notified.
While there are no specific set of rules to follow, most organizations will create a checklist to ensure a swift response to manage and mitigate a breach.
The first step is to create a policy that defines the organization s definition of a breach, and identify what constitutes a breach, making sure it complies with any legal definitions set forth in your geographical location.
Next, a plan will identify staff responsibilities and outline how to properly keep records of breach reporting and tracking. The plan should identify management support and approval processes and outline employees responsibilities to standardize behavior.
Lastly, organizations will need to have a breach procedure in place, derived from the plan and policy. This standardizes the responsibilities and actions that are part of the response effort and should identify senior management responsible for enacting the procedures.
The data breach procedure is typically reviewed, tested and enacted as part of an organization’s overall business continuity and disaster recovery procedure. The related links section below offers additional resources to help businesses create checklists and data breach policies.