The IT Law Wiki

Privacy: Lessons Learned about Data Breach Notification

Citation

Government Accountability Office, Privacy: Lessons Learned about Data Breach Notification (GAO-07-657) (Apr. 30, 2007) (full-text).

Overview

The GAO investigated a May 2006 data breach at the Department of Veterans Affairs (VA) and other similar incidents. The GAO identified the following lessons learned regarding how and when to notify government officials, affected individuals, and the public: (1) rapid internal notification of key government officials is critical; (2) because incidents vary, a core group of senior officials should be designated to make decisions regarding an agency's response; (3) mechanisms must be in place to obtain contact information for affected individuals; (4) determining when to offer credit monitoring to affected individuals requires risk-based management decisions; (5) interaction with the public requires careful coordination and can be resource-intensive; (6) internal training and awareness are critical to timely breach response, including notification; and (7) contractor responsibilities for data breaches should be clearly defined.
