Data Breach Prevention and Response: A Guide for Business Officers

March 2016

About This Resource

In 2013, educational institutions publicly acknowledged 48 data breaches, according to the Privacy Rights Clearinghouse. The actual number of breaches is far greater because many are never disclosed. This guide can help risk managers and business officers at colleges and schools, particularly those with limited resources, engage in risk management planning. Responding to data breaches comes with significant cost. Institutions often need computer forensics to determine the cause of the breach, the extent of damage, and whether the breach is ongoing. Forty-seven states and the District of Columbia have enacted laws requiring notification of individuals whose personally identifiable information is exposed in a breach. In addition, many institutions offer credit monitoring services and identity theft protection to individuals affected by the breach.

The guide identifies special vulnerabilities for educational institutions to consider, including laptop computers, flash drives, credit card numbers, medical records, and vendors. Another concern is students and employees using social or peer-to-peer file sharing networks. The guide then provides checklists for breach planning that cover management of information assets and planning a response. It also includes checklists for key actions once a breach has occurred, such as breach detection, exposure assessment, communication of the breach, and system restoration and recovery.

