United States: Information Security Policies And Data Breach Response Plans Webinar Now Available!
Last Updated: October 12 2015

We are pleased to announce the webinar "Information Security Policies and Data Breach Response Plans" is now available as a podcast and webinar recording.

With the recent uptick of high-profile data breaches and lawsuits being filed as a result by both employees and consumers as a result, every business should take a fresh look at its information security policies and data breach response plans with two thoughts in mind: compliance with applicable laws, and limiting liability in the event of litigation. Cybersecurity is a critical and timely issue for all businesses. If your company has employees and pays them or gives them benefits, then your company is maintaining their personally identifiable information and faces liability in the event of a data breach.

Currently, there is no comprehensive federal law that sets forth a uniform compliance standard for information security best practices or data breach response plans. Companies operating in the U.S. must comply with a patchwork of 47 different states' laws that set forth a company's obligations in the event of a data breach. In the wake of several high-profile data breaches, state legislators in the U.S. have been updating these state laws in the past few months, adding new requirements.

In addition to dictating how and when a company must respond in the event of a data breach in which personal information has been compromised, a number of these laws also contain substantive requirements about cybersecurity measures a company must take generally. Add into this mix that a U.S. Court of Appeals agreed with the Federal Trade Commission (FTC) that it has the right to file lawsuits against businesses that it deems have lax information security protocols – without informing companies in advance of the standard to which they will be held.

Against this backdrop, Seyfarth attorneys  Karla Grossenbacher and John T. Tomaszewski provided a high-level discussion on how businesses can structure an information security program to comply with applicable law and minimize liability – since waiting for a breach is not an option. They discussed, from a legal perspective:

  • Essential components of a comprehensive information security policy;
  • Key elements of a data breach response plan including strategies for state law compliance; and
  • Best practices for dealing with third party vendors that store personally identifiable information for your company.

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

Some comments from our readers…
“The articles are extremely timely and highly applicable”
“I often find critical information not available elsewhere”
“As in-house counsel, Mondaq’s service is of great value”

Press Releases from this Firm
Recent Content from this Firm
By Joseph Escarez, Anne Dunne
By Rashal Baz, Katherine Mendez, Chelsea Mesa
By Susan Ryan
By Kristina Launey, Melissa Aristizabal, Walter Mullon
By James Goodfellow, Jr., Sam Schwartz-Fenwick
By Gregory Markel, Heather Murray, Sarah Kinne
By Maura Travers, Michelle Gergerian, Gabriel Mozes
By Gena Usenheimer, Lori Meyers, Joshua Seidman, Meredith-Anne Berger
By William Hanlon, Timothy McKeon
By Gregory Markel, Jonah Hecht, Sarah Kinne
Font Size: