Skip to main content

Remember the old quote about "prior preparation?"

Well, it has great relevance to how your company responds to a data breach incident.  If you don't have a formal breach incident response plan (and we will be discussing why you should), then you have not prepared for what most experts say is the inevitable data breach.  Remember, it's not a matter of "if":  it is a matter of "when".

One of the first things that you will need to consider is what your obligations are under the various data breach notification laws.   Mintz Levin has prepared a matrix of state data breach notification laws that can be used to help start the process.  This matrix is updated regularly as laws change (which they do frequently).  

These are state laws only.  There may be other data breach notification obligations attendant to a particular situation, depending on the nature of the information compromised, other applicable regulations; and a host of other issues. 


Subscribe To Viewpoints


Cynthia J. Larose

Member / Chair, Privacy & Cybersecurity Practice

Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.