Really??? Proposed legislation would allow companies to keep some data breaches secret

Let me make sure I have this right … the same company officials who are currently being warned about cyber risk but are not finding it significant enough to act are going to be the ones who determine whether there is a reasonable chance that customers will be harmed — from their data breach — and if, in their judgment there is not, they will not have to go through a breach response? Really???

“The proposed law would require quick disclosure by companies if there is a risk of serious identity theft or fraud, the Wall Street Journal’s Risk & Compliance Journal (sub. req.). But there would be no need for disclosure when company officials believe there is no reasonable chance that customers will be harmed.”

via Proposed legislation would allow companies to keep some data breaches secret.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s