If your organization can’t answer basic questions regarding a data breach, it may be subject to major liability when a breach occurs, according to Taft Stettinius & Hollister counsel Diane Reynolds and partner William Wagner in a post on the Class Action Law Insight blog. Here are threshold questions to review. For more, see the original post.
- Are you continuously monitoring networks? It’s not enough to be monitoring your own network, said the authors, you also must pay attention to your business partners’ networks too.
- How long will it take to detect and stop a breach? Regarding the recent Jimmy John’s data breach, the authors noted it took the company seven weeks to find out about the breach and another five to stop it. That’s a lot of precious time and data lost. Think about how long it would take your organization to detect and stop a similar breach before you end up as the defendant in a lawsuit.
- Will your business partners be affected? Franchisees, vendors, financial institutions, partners, these organizations, people and businesses could all be compromised by your company. “You need to protect your business through insurance and appropriate contract language for indemnification from your business partners, but you must also adopt best practices to demonstrate your business takes data security seriously,” said Reynolds and Wagner.
Attorney Marlisse Silver Sweeney is a freelance writer based in Vancouver. @MarlisseSS.
