The risks to companies in the context of a data breach are significant. Key concerns include reputational harm, adverse media attention, and customer churn, class actions and other claims from consumers, employees, corporate customers, financial institutions, and shareholders, and regulatory/law enforcement actions. As such, preparation is critical. Companies should address the potential for data security incidents throughout the full life cycle of information management, from product and application design, to initial data collection and use, to record retention and secure disposal. Companies should also proactively align incident response policies, legal counsel, forensic providers, identity theft protection services, public relations firms, and other resources to prepare for data incidents and notification issues.
Baker McKenzie provides this Guide as a resource for companies to benchmark the ever expanding range of global breach notification requirements.