Law.com Subscribers SAVE 30%
Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.
Tips for Quickly and Effectively Responding to and Handling a Data Breach
Data breaches have become a common occurrence, and any organization, regardless of location, size and industry, can be attacked. In the wake of a public announcement of any data breach, litigation is sure to follow. Many organizations may also face scrutiny from government regulators, which creates additional burdens. Data breaches are typically a double whammy for companies: first, they are a victim of the breach; then, they must defend themselves against litigation and government investigation. This article summarizes key steps and recommendations for responding to and handling a data breach quickly and effectively.
Involving Counsel Early and Often
When a data breach is first discovered, there will be a great deal of urgency and uncertainty. The first priority is to contain the breach and attempt to understand the scope, including the data system(s) affected and the harm caused. Most federal and state governments require organizations to self-report a breach as soon as possible, so it is important that organizations have well-thought-out strategies in place to enable quick assessment of the breach, execute internal response efforts, and make immediate key decisions and disclosures. As such, many organizations establish data breach plans and conduct tabletop exercises at regular intervals. This planning should, and typically does, involve experienced discovery counsel to assist with establishing a strategic plan to identify, preserve, and collect, as needed, relevant information that will be implicated after a data breach, including discovery required for resulting data breach–related lawsuits. When a breach occurs, the discovery counsel will be able to assist immediately as they are already aware of the company's data landscape and content, security practices, and personnel.
Legal Holds: Don't Wait for the Lawsuit
Since litigation is likely to follow a reported data breach, companies should consider issuing a legal hold as early as possible. Although issuing a legal hold may not seem to be a top priority, doing so will emphasize to company employees the importance of preserving critical data. For example, system logs provide key information about a data breach but often have short retention periods, so disabling and preserving the implicated system logs is essential immediately after a breach. These logs contain information that is not only critical to diagnosing and responding to the breach but may also be valuable in future litigation or government investigations related to a breach.
This premium content is locked for Entertainment Law & Finance subscribers only
ENJOY UNLIMITED ACCESS TO THE SINGLE SOURCE OF OBJECTIVE LEGAL ANALYSIS, PRACTICAL INSIGHTS, AND NEWS IN ENTERTAINMENT LAW.
- Stay current on the latest information, rulings, regulations, and trends
- Includes practical, must-have information on copyrights, royalties, AI, and more
- Tap into expert guidance from top entertainment lawyers and experts
Already a have an account? Sign In Now Log In Now
For enterprise-wide or corporate acess, please contact Customer Service at [email protected] or 877-256-2473
Yachts, Jets, Horses & Hooch: Specialized Commercial Leasing Models
Defining commercial real estate asset class is essentially a property explaining how it identifies — not necessarily what its original intention was or what others think it ought to be. This article discusses, from a general issue-spot and contextual analysis perspective, how lawyers ought to think about specialized leasing formats and the regulatory backdrops that may inform what the documentation needs to contain for compliance purposes.
Hyperlinked Documents: The Latest e-Discovery Challenge
As courts and discovery experts debate whether hyperlinked content should be treated the same as traditional attachments, legal practitioners are grappling with the technical and legal complexities of collecting, analyzing, and reviewing these documents in real-world cases.
Identifying Your Practice's Differentiator
How to Convey Your Merits In a Way That Earns Trust, Clients and Distinctions Just as no two individuals have the exact same face, no two lawyers practice in their respective fields or serve clients in the exact same way. Think of this as a "Unique Value Proposition." Internal consideration about what you uniquely bring to your clients, colleagues, firm and industry can provide untold benefits for your law practice.
Risks and Ad Fraud Protection In Digital Advertising
The ever-evolving digital marketing landscape, coupled with the industry-wide adoption of programmatic advertising, poses a significant threat to the effectiveness and integrity of digital advertising campaigns. This article explores various risks to digital advertising from pixel stuffing and ad stacking to domain spoofing and bots. It will also explore what should be done to ensure ad fraud protection and improve effectiveness.
Turning Business Development Plans Into Reality
This article offers practical insights and best practices to navigate the path from roadmap to rainmaking, ensuring your business development efforts are not just sporadic bursts of activity, but an integrated part of your daily success.