Many companies keep sensitive personal information about customers or employees in their files or on their network. Having a sound security plan in place to collect only what you need, keep it safe, and dispose of it securely can help you meet your legal obligations to protect that sensitive data. The FTC has recently printed an information packet called, “DATA BREACH RESPONSE A Guide for Business,” which I would suggest as recommended reading.
You can find a .pdf copy of this guide here:
If you do have a data breach, your first action should be to contact your attorney for guidance and help as you sort out your reactions and obligations.
Please feel free to contact me with any questions you may have.