Recent high-profile data breaches, such as those that occurred at Neiman Marcus and Target, have brought privacy breach notification laws into public debate. In the event that your company’s secure information is compromised, it is important to understand privacy breach notification laws and standards.
Privacy Breach Notification Regulations are Under Review
Across the world, privacy breach notification laws are being updated and amended to keep up with the times. In the United States, for example, federal standards are being discussed, but each state may also have its own rules. Furthermore, some states do not even have their own regulations, and laws and procedures regarding privacy breach notification standards vary depending on where your business is located. Be sure to know the regulations and standards for your own country or state.
What is Privacy Data?
The private information that your company may possess includes customer names in combination with account numbers, driver's licenses, or social security numbers, although this changes from state to state and from country to country. Most laws require your business to inform customers, employees, and other stakeholders when their private information has been compromised. What is considered private information, and the timeframe in which customers must be informed of the breach, vary from law to law.
A Privacy Data Breach Has No Borders
Many companies collect data from customers across the globe. If a privacy breach crosses state lines or international borders, your company may need to comply with multiple standards. Failure to comply may lead to fines and penalties, in addition to customer disapproval. California laws, for example, impose fines up to $3,000 for failure to comply and criminal penalties for companies that try to conceal privacy breaches.
Privacy Breach Notification is a Local and Global Issue
From the European Union to Australia, governments are working to address the issue of privacy breach notification. For example, the United States federal government is currently reviewing national standards, and the Senate has proposed the Data Security and Breach Notification Act.
How to Minimize the Risks of a Privacy Data Breach
Due to the variety of standards and regulations regarding privacy breach notification, it is important to know the guidelines or to contact an IT security expert in the event of a privacy data breach. Rapidly detecting the data breach and having a protocol to promptly inform those affected are good first steps if a privacy breach does occur. Another option is to contact your IT service professional to put a plan in place to minimize the risks of a privacy data breach.