Better Business Bureau
Start With Trust
Data Security — Made Simpler
Data Security Guide
- 1. Securing Sensitive Data
- 2. Monitoring & Transmitting Financial Data
- 3. Becoming 'PCI Compliant'
- 4. Disposing of Data
- 5. Data Security and Your Customers
- 6. Spotting Identity Theft
- 7. What To Do If Consumer Data Is Stolen
- 8. Global Enterprises Data Security Issues
- 9. Responding to Third Party Data Requests
- 10. Common Technical and Legal Terms
- 11. About Our Topic Experts
- Home
- Data Security
- 7. What to Do if Customer Data is Stolen
7. If Customer Data is Stolen or Lost — What to Do Next
A small business must respond quickly if sensitive customer information is lost or stolen, giving an unauthorized person access to that sensitive information. If this occurs, you'll need to notify the affected customers.
Getting Started
- Create a Data Breach Notification Policy.
A data breach notification policy tells consumers how your small business will notify its customers if a data breach occurs. - Train Your Employees to Identify Breaches.
Employees need to know how to spot a potential breach and how to report this type of event. - Immediately Gather the Facts of a Potential Breach.
- Notify Financial Institutions.
If financial information, such as payment card numbers, was compromised, contact the bank or company that manages your payment card processing. - Seek Outside Counsel.
Seek attorney assistance or guidance from a risk consulting company as soon as you become aware of an incident that might constitute a data security breach. Your attorney can help you identify which laws might be involved, and whether you need to alert consumers or the government of the incident. - Notify Affected Customers.
Notify them in the manner you said you would in your Data Security Policy.
In This Chapter
85% of data breaches occur at the small business level.
Source: Visa