It’s Business, And It’s Personal

Tips for businesses on dealing with data breaches

On Behalf of | Jan 21, 2015 | Business Litigation |

All business is relational. Without an interaction at some level of two human beings, deals don’t get proffered or made. Even in the current environment where so much is handled digitally, North Carolina businesses can’t downplay the power of the personal relationship.

A lot of the information that gets passed around as part of our daily transactions might be reduced to computer code, but if that code gets broken and a breach occurs, it becomes very personal. And where that element is a factor, the risk of a business facing a wide array of disputes that require litigation has a way of increasing.

Calling on an experienced attorney is always recommended when such issues arise, but ahead of that, there are some things experts suggest that businesses should do to address the possibility of a data breach.

First, as was reported recently by, businesses should expect hacking to spike in the early part of 2015, at least in the U.S. That’s because the more secure chip-and-PIN technology that’s been in use in Europe for some time isn’t due to for widespread adoption here until October. 

Experts at Experian Data Breach Resolution say data stored in cloud servers will likely be particularly attractive to hackers because the consumer information they contain will likely open paths to multiple accounts. The security pros say that puts an onus on businesses to have a plan for swiftly communicating breaches to customers and a smooth system in place for resetting passwords.

And Experian says the tone of that communication is going to be important, too. They say data breach fatigue is already a big concern. That is, in the face of the rising number of breaches, consumers are becoming more apathetic about taking action to protect themselves.

Because of that, Experian officials say notifications about breaches need to be worded with relationship in mind. Instead of simply sending a form letter that meets legal requirements, notices should be sincere communication that includes an explanation of exactly what happened and an apology. It should also include steps on what customers can do in the event their data is fraudulently used.

As the old saying goes, an ounce of prevention is worth a pound of cure.