Browse Definitions :
Definition

data breach response plan

Contributor(s): Ivy Wigmore

A data breach response plan is a course of action intended to reduce the risk of unauthorized data access and to mitigate the damage caused if a breach does occur.

Here are 10 crucial steps of data breach response planning:

  1. Use resources such as business impact analysis (BIA) and disaster recover (DR) methods to identify your organization’s most sensitive data and implement actions to protect data based on the severity of the impact a breach would have.
  2. Perform a high-level risk assessment of your IT environment and identify vulnerable areas.
  3. Implement measures to reduce the likelihood of breaches caused by human error.
  4. Address security on multiple levels: Educate employees on social engineering tactics; ensure that data is encrypted. Make sure that processes involved are as streamlined and automatic as possible to maximize compliance.
  5. Learn the specifics of current federal and state data breach legislation.
  6. Ensure that the breach response team has authorization to take necessary steps immediately when a breach occurs so that crucial time isn’t lost obtaining permission for action.
  7. Test your response plan frequently and address any weak areas as soon as they are discovered.
  8. Find contact information for forensic companies, law enforcement agencies and legal and public relations firms that you will deal with in the event of a breach and establish relationships now.
  9. Provide training for responders on, for example, evidence collection. Ensure that any required certifications are in place.
  10. Create a plan for how a breach will be disclosed so that the news will be communicated swiftly, transparently and effectively. Include your solution to the problem and a way for those affected to contact you. 

 

This was last updated in July 2012

Continue Reading About data breach response plan

SearchCompliance

SearchSecurity

  • cyber attack

    A cyber attack is any attempt to gain unauthorized access to a computer, computing system or computer network with the intent to ...

  • backdoor (computing)

    A backdoor is a means to access a computer system or encrypted data that bypasses the system's customary security mechanisms.

  • post-quantum cryptography

    Post-quantum cryptography, also called quantum encryption, is the development of cryptographic systems for classical computers ...

SearchHealthIT

SearchDisasterRecovery

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

SearchStorage

  • cloud SLA (cloud service-level agreement)

    A cloud SLA (cloud service-level agreement) is an agreement between a cloud service provider and a customer that ensures a ...

  • NOR flash memory

    NOR flash memory is one of two types of non-volatile storage technologies.

  • RAM (Random Access Memory)

    RAM (Random Access Memory) is the hardware in a computing device where the operating system (OS), application programs and data ...

Close