Here is an example of a data breach response checklist you can use.
Conduct an initial assessment
Determine the nature of the incident – Is it in fact a breach?
Determine the type of information that has been exposed and the records involved
Identify all affected systems, computers, and devices
Assemble an incident response team (IT team, external consultants)
Deploy breach mitigation efforts
Determine if the breach is active and ongoing
Determine the cause of the breach and mitigate
Bring down affected systems as needed, communicate with clients
Notify third parties
Impacted individuals
State attorneys general
Applicable regulators
Credit reporting agencies
Clients, customers, and partners (as may be required by agreements)
Preserve records of the breach and mitigation
Preserve evidence of the breach, including log files
Control the creation of new documents and records
Document all efforts to investigate and mitigate the breach
Involve legal counsel and consultants as necessary
Post-breach
Assess root cause of the breach
Assess incident response process
Assess information security environment and resources
Your company should customize this checklist based on its type of business, its location and the types of laws that govern your company's business.
Sound complicated? It is!
Want help understand your data breach response obligations? Sign up here to get notified when FileBreachReports.com breach response tools go live.