When a data breach occurs, will you turn to your carefully crafted data breach response plan … and find it lacking? If your business operates globally, but you were only thinking domestically when you created your response plan, you may find that plan is insufficient for your needs when a cross-border data breach occurs.
When a breach occurs that involves the illegal access or movement of data internationally, an already complex situation can become infinitely more complicated and volatile. In addition to U.S. laws governing privacy and data breach response, an international breach may involve the laws of another country. It’s vital that your data breach response plan takes into account applicable regulations in every country where you do business.
Cross-border risks are already significant; 8 to 10 percent of the breaches handled by the Experian Data Breach Response team were international in nature. As the global economy continues to grow, so, too, will the risks of a cross-border data breach. In fact, we’re so concerned with raising awareness of this issue that we will be presenting on the topic at the upcoming IAPP Global Privacy Summit in Washington, D.C.
Privacy and security professionals from around the world will gather March 5-7 to focus on a range of compelling privacy-related topics, including data breach response. James Harvey, a partner in the law firm Alston & Bird and I will present “Cross-border Data Breach Response: The Next Frontier” on Thursday, March 6 at 8am PT. We will be streaming live and welcome your attendance and real-time comments or questions via twitter.
We will discuss current data breach laws outside the U.S., including sector-specific regulations, European Union laws and how they’ll impact American companies, and which countries have strict regulation versus voluntary guidelines. We will also explore the practical issues involved in conducting an international data breach investigation, operational elements of international data breach response, and how an international breach response differs from a domestic data breach response.
To learn more about the IAPP summit and presentations, including Experian’s seminar on international data breach response, visit the IAPP Global Privacy Summit website.