Data breaches have affected numerous companies over the past few years. Companies frequently mismanage their efforts to mitigate the effects of these breaches and do not have a complete and thorough understanding of the facts. Such oversights and the failure to be proactive can potentially lead to public relation nightmares, as seen from some recent data breaches.
In an interview with HealthcareInfoSecurity, a multi-media website published by Information Security Media Group, Corp., Ronald I. Raether (FI&C Partner) discusses the dos and don'ts of post-breach communications and identifies best practices for media management in order to mitigate or prevent unnecessary litigation or government investigations. Mr. Raether discusses the importance of developing a plan that will effectively communicate to the audiences affected by the breach, and that is in proportion to the event. Mr. Raether also discusses when it makes sense to hire a breach resolution or public relations firm to help with post-breach communications. Mr. Raether further instructs organizations on how to reach out to regulators, such as state attorneys general, and encourages organizations to do so before issuing a breach notice in order to keep the attorneys general well-informed and to avoid misunderstandings and unnecessary points of conflict. Post-Breach PR: Lessons Learned (Attorney: Providing All the Facts Is the Key to Credibility) http://www.healthcareinfosecurity.com/interviews/post-breach-pr-lessons-learned-i-1527.