Exterro's Legal GRC Breakdown

Get your daily dose of news, best practices, and technology from Exterro's e-discovery, privacy, and digital forensics experts here.


Infographic: The Do's & Don'ts of Data Breach Response/Management

Created on April 1, 2021

Demand Generation Manager, Exterro

Today's data breach landscape is unprecedented and complex. Every organization is facing potential enforcement of many interconnected and overlapping laws in multiple jurisdictions. Requirements for what constitutes a privacy breach or legal privilege, or what thresholds regulators are setting to hold organizations to account vary significantly.

What needs to be done? Should we call law enforcement? What about the General Data Protection Regulation's (GDPR) requirement to notify within 3 days? Should we notify consumers? Although there is no one-size-fits-all approach, here are some of the key do’s and don’ts when responding to an incident.

The 6 Things Not to Do During an Incident or Breach Response

  • Run an incident response manually in an Excel or Word doc

  • Waste time attempting to identify the appropriate personnel and organize meetings across time zones and jurisdictions to assign roles and responsibilities

  • Use insecure or undocumented communications with uncontrolled participation

  • Collect data using ad-hoc tools which cannot guarantee its integrity

  • Fail to enable legal counsel to supervise the investigation and forgo privilege

  • Miss deadlines due to a manual notification processes

The 6 Things You Should be Doing During an Incident or Breach Response

  • Automate your incident response plan

  • Assign roles and responsibilities and automatically communicate them to participants

  • Communicate through a secure external channel that preserves the opportunity to assert privilege

  • Investigate the incident using state-of-the-art forensic tools

  • Use AI To evaluate data and determine what data and which data subjects and jurisdictions were affected

  • Generate jurisdiction specific notifications automatically

To orchestrate a strong defensible response process, organizations need their own automated and encrypted incident and breach management system, configurable workflows and defined tasks for stakeholders, where the evidence of defensibility is generated by the activities associated with the response to a data event. See how Exterro Incident and Breach Management can help you orchestrate an efficient and defensible breach response process.

Take a look at our Incident & Breach Response infographic below, and download your own copy here!