Data Breach Response Plans: Why They’re Important, and How to Create One for Your Business

Any business that utilizes the Internet is at risk for a data breach, especially those with limited security resources. Don’t just sit back and wait for a disaster to strike. Prepare in advance by securing cyber liability insurance and creating a data breach response plan.

This plan provides a roadmap to follow when a breach is discovered. It is a time-saving and stress-reducing tool. A well-thought-out response plan can help you avoid the missteps you are likely to make when acting in crisis mode.

When Do You Need One? 

One important step in developing a response plan is to decide what types of incidents will activate your plan. Some events, such as a phishing email, may have little or no effect on your company’s operations. Others, like a ransomware infection or denial of service attack, could create serious disruption.

While the definition of a breach may vary from one plan to another, it typically includes any theft of, or intrusion into, electronic data files containing sensitive information about customers, patients, clients, or employees. It should also include any theft (or attempted theft) of sensitive company intellectual property like patents or trade secrets.

Forming a Response Team

Identify the members of the response team who will carry out the plan’s actions when a breach occurs. They should be trusted employees who are very familiar with your business.

The size and composition of your team depend on several factors, including company size, industry, and business complexity. Commonly, the response team includes at least one representative from each of the following areas:

  • Human resources
  • Information technology or data security 
  • Communications
  • Risk management
  • Legal
  • Senior management

Some data breaches may be too big or too complex for your employees to handle alone. To deal with these events, you might call in outside experts, such as attorneys, law enforcement personnel, and data security or recovery experts.

Action Steps 

Your response plan should provide step-by-step instructions. Each team member should be assigned a role that reflects their expertise. For instance, the responsibility for determining how the breach occurred should be assigned to a data security employee. Likewise, the task of notifying the insurer that issued your cyber liability insurance should be assigned to a risk management employee. 

The plan should enable your team to analyze the breach, determine what went wrong, limit the damage, and make whatever improvements are needed to prevent similar events from occurring in the future.

The response team members should carefully document all actions they take after a breach occurs. The records will verify that team members followed the instructions outlined in your plan and will provide valuable information for the post-breach evaluation.

Also, documentation may be legally required. Some types of personally identifiable information are subject to state or federal privacy legislation. If you store sensitive data about customers, patients, or employees on your computer system and the information is compromised, you may be legally required to notify the individuals whose data has been breached and to report the breach. 

Once your plan has been fully implemented and the breach has been contained, conduct a debriefing session with the response team. Ask members to run through the steps they took and the lessons they learned from the process. Members should describe any issues they encountered so the plan can become stronger.

About Arroyo Insurance Services

Arroyo Insurance Services was officially established in 1986, but we have roots dating back to before 1950. One of California’s leading client-oriented and independently owned agencies, we have over 140 employees with a combined experience of over 450 years, spread across 11 locations. We are committed to providing the best insurance and risk management services at the most competitive premiums, and backing it with hands-on service tailored to our customers’ needs. For more information on how we can mitigate your risks, contact us today at (877) 220-4769.