A privacy breach will have an impact on your business. It’s a given.
The degree of the impact is in your hands.
The handling of the breach will have a lasting impact on customer trust.
To the point, it can destroy your brand. However, if handled well, it can possibly restore and even enhance your brand’s reputation.
Having a well-prepared Data Breach Notification (DBN) plan will go a long way to minimising the damage of a breach when it occurs.
A few key tips to developing and sustaining a DBN Plan :
- develop the plan with Privacy experts (leverage what’s already out there) and with your key staff (leverage internal knowledge and gain buy-in)
- conduct on-going reviews of the plan (at least annually or when significant changes take place internally or externally)
- conduct regular training of all staff who handled personal information and include in Staff Induction program
- conduct a mock drill at least every 2 years.
A well-prepared DBN plan delivers to your business :
- a structured process during stressful times of a breach
documented findings and outcomes
- better understanding of the situation for management to make an informed decision
- documented recommendations to upgrade policies and practices to minimise likelihood of a re-occurrence of the breach
- documented evidence of the assessment being conducted