While nothing in the Guide will be new to those who keep data privacy and information security top of mind, or who regularly follow our posts here, it’s a good summary resource to review with your IT, data breach response team and other key and C-level suite members to measure how your existing breach posture matches to the FTC’s broad expectations. The Guide also include a “model data breach notification letter” template, which will require further modification, depending on what states notification is being provided to given individual states particular requirements, but none-the-less is a good touchstone to have and build upon.
For its part the video is an easy, just over 2-minute, opportunity to raise security awareness in employees and to provide them with a basic overview of what a breach response will entail – even if they aren’t involved in the actual response chain.
Overall, the FTC has continued to be extremely active is pushing the envelop on data security and privacy, and provides many easy-to-access resources for SMB’s to gauge their data security and breach response readiness. Of course, the FTC is joined by a literal phalanx of States Attorney Generals and other federal agencies, depending on whether an entity is in a regulated industry. Navigating the maze of state and federal laws, rules and regulations is no straightforward task, and we’re happy to answer any questions you may have on the Guide or other requirements.