Plan for a worst-case scenario with your business records management program

by on July 8, 2009 · 0 Comment POSTED IN: HR Info Center

Crisis planning helps contain problems with security breaches in your business records management program

No one wants to think a security breach may happen to with their company’s business records management program. However, it’s not a matter of when or whether a breach will occur, it’s just a matter of when.

The fact to the matter is at some point in your career you will have somebody come in your office and say, “Oh my gosh, something has happened. I think we might have a security breach.” The best thing is to know what to do in advance. It will dispense in a moment of what would happen in the event of that kind of incident.

Crisis planning in a business records management plan
The logistics here can be more complicated than you would think. For instance, who needs to be involved in your company in making decisions such as, “Yes, we need to issue notices to our employees and to our costumers.”

Who needs to sign off on the content of the notices? Because it’s really isn’t just an issue for legal. You also have to think about what the total communication strategy is. You want to get if you have a PR firm, if you have a corporate communication expert, you want to get efforts as input too. And certainly your sales and marketing, people who are interfacing with your customers, one have say too.

Crisis team composition
The point of this process is really deciding who needs to be on the team? Who needs to sign off on what and who has authority to make the judgment calls that we would need to make in a short period of time, if heaven forbid we had a breach in the security of your business records management system?

So, having the business records management crisis team set up in advance saves the valuable time. The critical issue of any event of a breach is providing notice to the state and federal authorities. The laws require the notice to be provided as soon as practical in the circumstances which means as soon as possible unless you can justify why this has taken you, X number of extra days to provide the notice.

As you can imagine, consumers and employees, affected individuals expect to receive that notice of a security breach ASAP because that allows them to place the security freezes on the credit reports, get credit monitoring and prevent identity theft if possible. Time is of the essence here at having your team ready in advanced will really help with that.

Edited remarks from the Rapid Learning Institute webinar: “Identity Theft: What HR Can Do To Protect Sensitive Employee Data” by Christine E. Lyon, Esq.

Leave a Reply


Request a Free Demo

We'd love to show you how this industry-leading training system can help you develop your team. Please fill out this quick form or give us a call at 877-792-2172 to schedule your one-on-one demo with a Rapid Learning Specialist.