Making the best of a worst-case scenario – a privacy breach: PrivacyRight tools for September

Privacy breaches happen despite organizations’ best efforts to protect the personal information they collect, use, or disclose. And when they do, the repercussions can be severe: from leaving individuals vulnerable to financial fraud and identity theft to destroying the trust an organization has worked hard to build.

Organizations need to be proactive and familiarize themselves with the steps to take should the unthinkable happen. This month’s PrivacyRight tools offer organizations comprehensive guidance to bolster this crucial component of their overall privacy management plan.

PrivacyRight Webinar 8, Managing Breaches, covers the four steps we recommend organizations take in the wake of a privacy breach: containment, risk assessment, notification, and prevention.

The webinar offers advice on how organizations should proceed from the moment they become aware of a privacy breach, including factors to keep in mind when assessing risk; when individuals should be notified and what that notification should entail; and safeguards to consider to prevent a recurrence of the breach.  The webinar also looks at when organizations should report a privacy breach to the OIPC.

This month’s featured PrivacyRight guidance document, Privacy Breaches: Tools and Resources, goes into additional detail and offers practical tools that organizations can use to improve their breach response practices, including a privacy breach checklist,  privacy breach management policy template, and breach notification assessment tool.