Coast Insights

Coast Insights.

Sign up to receive our Coast Insights e-newsletter to get PR tips and corporate communications advice, plus updates about Coast Communications.

Tips to Prepare for November 1 Privacy Breach Regulations

October 10th 2018

Equifax. Facebook. Countless banks and credit unions. What do they have in common?
                                                                                     
Over the last year we’ve seen these and many other brands lose a significant amount of hard-earned positive corporate reputation and brand equity through privacy breaches and data hacks – often made worse by poor crisis communications management.
 
Up until now we’ve only heard about these breaches when organizations decided to tell us, media broke stories or the scale was too big to ignore. But as of November 1, federal regulations change and all organizations that suffer a privacy breach must report it to the regulator, who may notify the public.

"New regulation is good news for consumers and public, but in our experience many organizations are not prepared to effectively manage the new world we live in of increased customer expectation of data protection and the new the regulations," said Wendy Hurlburt, Kirke Management Consultants Executive Director and Head of Privacy.
 
The majority of data and privacy breaches are caused by internal employees; breaches maybe as simple as leaving a folder with a printout of customer or marketing information in a car. Cyber attacks are also increasingly common (think when, not if). And with the new reporting regulations, you will have to manage a breach in front of a public with a quickly diminishing patience.

Organizations should build strong programs based on 4 pillars:

  1. Maintain an effective and robust Privacy and Data Management Program
  2. Ensure strong cyber security practices
  3. Best practice breach identification, remediation and response processes
  4. Effective crisis communications planning and management

There is still time to implement best practices for both privacy management and crisis communications to prepare for, mitigate and manage a privacy breach.

Crisis communications response begins now – with a proper plan that identifies the risks and lays out the procedures to following in the first hour, day and week. Principles of empathy, transparency and timeliness are at the forefront of good practice.
  
"Trust is one of the most valuable commodities any organization can have. Maintaining trust in the face of a privacy breach is essential if you want to maintain your brand, reputation and all the financial benefits that come with that," said Tamara Little, Coast Communications and Public Affairs. "Preparation is an investment in your bottom line."

Click here for information about our Privacy and Cyber Breach and Crisis Communications services, including workshops.