COSTA MESA, Calif.,
June 23, 2015 /PRNewswire/ --
Experian Data Breach Resolution today released a white paper on the
current state of data breach legislation that shapes how companies
must prepare for and respond to a data breach. In the wake of
several recent high-profile data breaches, the discussion around
data breaches is heating up, and impending changes have companies
waiting for how that will impact their incident response at the
state, federal and global levels.
Currently, companies face a segmented system of state- and
sector-specific data breach laws. At the same time, policymakers in
the European Union (EU), Australia
and Brazil are considering new
approaches to data breach notification that could impact businesses
that engage in global commerce.
"With data breach law debates continuing in Congress and among
state regulators, we are likely to see shifts in the legal
frameworks that companies must follow," said Michael Bruemmer, vice president, Experian Data
Breach Resolution. "Organizations must ensure they understand and
are meeting both the legal requirements and expectations of
regulators to protect customers in the event of a data breach.
Identifying subject matter experts such as outside legal counsel
ahead of time is imperative to help businesses navigate the complex
regulatory landscape."
Some of the highlights from the report, Government Focus on
Cybersecurity Elevates Data Breach Legislation, include:
State patchwork becoming more complex
When a data
breach occurs in the United
States, businesses are guided by a patchwork of 49 existing
laws in nearly every state, the District of Colombia and Puerto
Rico. Adding to this complexity, state legislatures continue
to modify their requirements to be stricter on the types of
information that constitutes risk for identity theft. For example,
Illinois currently is considering
legislation that would take the definition of personal information
beyond financial information and other key financial identifiers to
less-sensitive data, such as marketing information.
Congress closer on federal breach rules
There are
several bills active in Congress that are aimed at forging a
national data breach standard. Lack of consensus on the specifics
of the legislation previously contributed to delays; however, the
subject is once again a top priority for lawmakers to discuss
during the 114th Congress. Although some in the security community
are opposed to a federal data breach notification standard, the
possibility of federal legislation preempting state laws is
garnering more support than ever before.
Global breach rules put international data loss in the
spotlight
New global data breach policies are particularly
complicated for companies operating at an international level. The
EU is considering an expansive rewrite of the region's data
protection law that would require 24-hour notification for all
commercial sectors. Brazil
introduced a new data protection proposal in February, and there
are signs that the Australian government will renew a push to enact
a data breach notification standard.
To access the complementary white paper, visit
http://bit.ly/1GxgpRk.
Additional data breach resources, including Webinars, white
papers and videos, can be found at
http://www.experian.com/databreach. Read the Experian Data Breach
Resolution blog by visiting http://www.experian.com/dbblog.
About Experian Data Breach Resolution
Experian Data
Breach Resolution, powered by the nation's largest credit bureau,
is a leader in helping businesses prepare for a data breach and
mitigate consumer risk following breach incidents. With more
than a decade of experience, Experian Data Breach Resolution has
successfully serviced some of the largest and highest-profile data
breaches in history. The group offers swift and effective
incident management, notification, call center support and fraud
resolution services while serving millions of affected consumers
with proven credit and identity protection products. In 2013,
Experian Data Breach Resolution received the Customer Service Team
of the Year award from the American Business Awards. Experian Data
Breach Resolution is active with the International Association of
Privacy Professionals, the Health Care Compliance Association, the
American Health Lawyers Association, the Ponemon Institute RIM
Council and InfraGuard and is a founding member of the Medical
Identity Fraud Alliance. For more information, visit
http://www.experian.com/databreach and follow us on Twitter:
@Experian_DBR.
About Experian
We are the leading global information services company, providing
data and analytical tools to our clients around the world. We help
businesses to manage credit risk, prevent fraud, target marketing
offers and automate decision making. We also help people to check
their credit report and credit score, and protect against identity
theft. In 2014, we were named by Forbes magazine as one
of the "World's Most Innovative Companies."
We employ approximately 17,000 people in 39 countries and our
corporate headquarters are in Dublin,
Ireland, with operational headquarters in Nottingham, UK; California, US; and São Paulo, Brazil.
Experian plc is listed on the London Stock Exchange (EXPN) and
is a constituent of the FTSE 100 index. Total revenue for the year
ended March 31, 2015, was
US$4.8 billion.
To find out more about our company, please visit
http://www.experianplc.com or watch our documentary, "Inside
Experian."
Experian and the Experian marks used herein are trademarks or
registered trademarks of Experian Information Solutions, Inc. Other
product and company names mentioned herein are the property of
their respective owners.
Photo - http://photos.prnewswire.com/prnh/20150622/224745
To view the original version on PR Newswire,
visit:http://www.prnewswire.com/news-releases/experian-data-breach-resolution-policy-paper-provides-insight-into-data-breach-legislation-300102294.html
SOURCE Experian