Law.com Subscribers SAVE 30%

Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.

Tips for Quickly and Effectively Responding to and Handling a Data Breach

By Tara Lawler and Gregory T. Malik
July 01, 2023

Data breaches have become a common occurrence, and any organization, regardless of location, size and industry, can be attacked. In the wake of a public announcement of any data breach, litigation is sure to follow. Many organizations may also face scrutiny from government regulators, which creates additional burdens. Data breaches are typically a double whammy for companies: first, they are a victim of the breach; then, they must defend themselves against litigation and government investigation. This article summarizes key steps and recommendations for responding to and handling a data breach quickly and effectively.

Involving Counsel Early and Often

When a data breach is first discovered, there will be a great deal of urgency and uncertainty. The first priority is to contain the breach and attempt to understand the scope, including the data system(s) affected and the harm caused. Most federal and state governments require organizations to self-report a breach as soon as possible, so it is important that organizations have well-thought-out strategies in place to enable quick assessment of the breach, execute internal response efforts, and make immediate key decisions and disclosures. As such, many organizations establish data breach plans and conduct tabletop exercises at regular intervals. This planning should, and typically does, involve experienced discovery counsel to assist with establishing a strategic plan to identify, preserve, and collect, as needed, relevant information that will be implicated after a data breach, including discovery required for resulting data breach–related lawsuits. When a breach occurs, the discovery counsel will be able to assist immediately as they are already aware of the company's data landscape and content, security practices, and personnel.

Legal Holds: Don't Wait for the Lawsuit

Since litigation is likely to follow a reported data breach, companies should consider issuing a legal hold as early as possible. Although issuing a legal hold may not seem to be a top priority, doing so will emphasize to company employees the importance of preserving critical data. For example, system logs provide key information about a data breach but often have short retention periods, so disabling and preserving the implicated system logs is essential immediately after a breach. These logs contain information that is not only critical to diagnosing and responding to the breach but may also be valuable in future litigation or government investigations related to a breach.

This premium content is locked for Entertainment Law & Finance subscribers only

  • Stay current on the latest information, rulings, regulations, and trends
  • Includes practical, must-have information on copyrights, royalties, AI, and more
  • Tap into expert guidance from top entertainment lawyers and experts

For enterprise-wide or corporate acess, please contact Customer Service at [email protected] or 877-256-2473

Read These Next
Strategy vs. Tactics: Two Sides of a Difficult Coin Image

With each successive large-scale cyber attack, it is slowly becoming clear that ransomware attacks are targeting the critical infrastructure of the most powerful country on the planet. Understanding the strategy, and tactics of our opponents, as well as the strategy and the tactics we implement as a response are vital to victory.

Major Differences In UK, U.S. Copyright Laws Image

This article highlights how copyright law in the United Kingdom differs from U.S. copyright law, and points out differences that may be crucial to entertainment and media businesses familiar with U.S law that are interested in operating in the United Kingdom or under UK law. The article also briefly addresses contrasts in UK and U.S. trademark law.

The Article 8 Opt In Image

The Article 8 opt-in election adds an additional layer of complexity to the already labyrinthine rules governing perfection of security interests under the UCC. A lender that is unaware of the nuances created by the opt in (may find its security interest vulnerable to being primed by another party that has taken steps to perfect in a superior manner under the circumstances.

Role and Responsibilities of Practice Group Leaders Image

Ideally, the objective of defining the role and responsibilities of Practice Group Leaders should be to establish just enough structure and accountability within their respective practice group to maximize the economic potential of the firm, while institutionalizing the principles of leadership and teamwork.

Removing Restrictive Covenants In New York Image

In Rockwell v. Despart, the New York Supreme Court, Third Department, recently revisited a recurring question: When may a landowner seek judicial removal of a covenant restricting use of her land?