The Above the Law post: The Legal Technology Leadership Summit: The Need for Uniform Data Breach Notification Legislation caught my attention this morning. The thought leadership going into discussion of electronic information and how to protect companies and individuals served by those companies is interesting to follow.
Legislation designed to decrease a companies cost in providing necessary information to their customers about data and security breaches is a thought whose time just may have come. I’m not sure. In Pollyanna world we would like to think all companies will do the “right” thing and data that is breached would self-destruct in a Mission Impossible style.
Unfortunately, the desire to protect company assets often comes to bear more importance than doing right by the consumers. I am intrigued by Christina Ayiotis‘ statement:
“Corporate America would be much better served with a national approach defining when data breach obligations are triggered and setting forth what those obligations are.”
I suspect that if this call for a national approach moves forward companies will look more closely at the methods, protocols and processes that would be necessary to be proactive in dealing with data breaches and privacy concerns. Putting the right team and tools together can preempt expensive processes even before the national legislation is pushed through. Companies can ask is there an opportunity for us to save money, improve processes and do right by our customers. I think the answer is yes.
Constance Ard July 1, 2011