ARTICLE
9 March 2015

You’ve Been Hacked. Now What?

FR
Fox Rothschild LLP

Contributor

Fox Rothschild LLP logo

Who We Are

With bold growth, Fox Rothschild brings together 1,000 attorneys coast to coast. We offer the reach and resources of a national law firm combined with the personal touch and connections of a boutique firm.

Our Mission

Solving problems is our top priority. We invest the time to get to know you and understand your needs. We work hard to win every client’s loyalty. We do that by providing creative solutions and excellent client service.

Explore Firm Details
Scott L. Vernick was quoted in the Network World article, "You’ve Been Hacked. Now What?" Full text can be found in the February 23, 2015, issue, but a synopsis is below.
United States Privacy
Network World
Your Author LinkedIn Connections
Fox Rothschild LLP are most popular:
  • within Immigration and Corporate/Commercial Law topic(s)
  • with Finance and Tax Executives
  • with readers working within the Automotive, Basic Industries and Healthcare industries

With data breaches on the rise, many companies have had to face the question of what it should do after it has been hacked.

One of the critical steps following a breach is to deal effectively with legal concerns, starting with having IT, security and other senior executives meet with corporate and external legal teams to discuss the potential implications.

Remediation of the problem could be a long process because the source of the breach may not always be readily apparent, and companies need to ensure any evidence is preserved, says Scott L. Vernick, a noted privacy attorney.

"There's always one eye toward what law enforcement or an enforcement agency may require, or litigation down the road," Vernick says.

Companies need to ensure they conduct investigations into the source of a breach without disturbing any evidence. "This can include but is not limited to cloning the server, laptops and desktops; making images of documents so that you are investigating the image as opposed to the original," he says.

Legal concerns are centered around potential government investigation and making sure that under relevant breach notification laws stakeholders and business partners are informed.

"And then of course you have the potential litigation that flows from that," Vernick says.

Some reporting policies and procedures are determined by the state breach notification statue or by an industry sector, Vernick notes.

"The bottom line is that organizations should try to be as up front and transparent as possible," he says. "Some of that is difficult to do because usually it's a moving target in terms of understanding what happens in developing the information. But certainly with respect to your stakeholders—particularly customers or employees or government agencies—the sooner you're transparent and the more transparent you are, the better it generally ends up."

Click here to view the full article.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Person photo placeholder
Network World
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More