Effective PR includes providing excellent service to your customers, including protection of their privacy and data security.
Several recent cases illustrate the high cost of loss of customers’ personal data. Two examples on December 2, 2015:
- Target Corporation — The retailer settled a class-action suit over claims that resulted from the 2013 data breach. Target’s $39 million settlement could set a precedent for retailers picking up the costs for data breaches; Target will pay most of the costs that banks and other credit card issuers incurred after cyberthieves gained access to personal data of 40 million Target customers. Home Depot and several other retailers are locked in similar litigation after hackers gained access to their systems.
- LabMD, Inc. — In a rare loss for the Federal Trade Commission (FTC) in a data security case, an administrative law judge has rejected the agency’s complaint against LabMD, a clinical testing laboratory. FTC had alleged that the company’s inadequate data security measures in 2008-2012 caused harm to consumers. The judge’s decision, if left unchallenged, could change the standard of “reasonable security.” Businesses should take every reasonable step to try to ensure that their data security practices are in compliance with all appropriate standards and legal requirements. This legal alert from Davis & Gilbert provides important background.
Your company should have a crisis plan that addresses cybersecurity processes, potential data breaches, readiness to activate your plan when needed, and preparation to be the first to inform your customers when a data breach has occurred.
Contact us if your company needs help improving – and practicing – crisis management. We have experience preparing clients for data breaches and helping them respond immediately when “bad guys” strike.