Legal & Regulatory Compliance

All business is required to report the loss or theft caused by a breach. The cost of using an attorney could range from $75K to 100K.  In the case of the well-publicized Target® breach, over $1 billion.

Most of the public is unaware of what is required when a breach occurs. Most companies are also in denial that it will not happen to them. But it is not if, but when it will happen.

Can your company be breached by hackers? Could you have prevented that breach? If you suffer a breach what are the ramifications: Potential class-action lawsuit or an investigation and fines by a regulatory agency? Assuming you cannot prevent the breach, can you avoid lawsuits by disgruntled customers or investigations by a State Attorney General (AG), the FTC, SEC, HHS, PCI (Purchase Card Industry), etc.? Prevent, probably not, but successfully defend; most likely! In the event of the actual or suspected breach of PII Breach reporting is required. Reporting Service reports to authorities and notifies consumers, as required. Various state, federal and international laws require businesses to protect the personally identifiable information of employees, vendors, and customers. Penalties for noncompliance can include fines, prosecution and even jail time. While it is impossible to completely avoid a breach due to uncontrollable circumstances, 97% could have been prevented. Proactive detection and correction can go a long way to prevent loss and further fallout due to reputational damage, lost sales, fines, lawsuits, and prosecution. Types of personal (PII) information include name, address, phone, email, birthdates, Social Security numbers, driver’s license, bank account and credit card information and the list continue to grow with new and revised legislation and court rulings.

General Guidelines (most state have enacted their own requirements).

CSI can assist you in detail as Stated in our complimentary Cyber-Security Liability and Risk Assessment Action Sheet