From: The National Law Review
Article By Theodore F. Claypoole & Taylor Ey |Womble Carlyle Sandridge & Rice, PLLC
On October 25, 2016, the Federal Trade Commission (FTC) released its nonbinding “Data Breach Response” guide with an accompanying blog post and video, all directed to help businesses prepare a data breach response plan. The FTC continues to remain an active participant in the regulation of data security and cybersecurity practices, as this is one of several publications it offers to businesses related to data security and cyber security. While the guide is nonbinding, it provides insight into what the FTC may expect of a business when planning for and responding to a data breach.
The FTC recommends several steps businesses should consider when responding to a data breach. The steps taken will vary depending on the scale of the breach and the size and nature of a business. Generally, the FTC recognizes that any data breach response plan should include: (1) notification to affected parties, (2) notification to law enforcement, (3) prevention of future attacks, and (4) compliance with applicable state and/or federal law.
Leave a Reply