Bryan Cave's "Data Breach Litigation Preparation: Should Companies Communicate with the Public/Media After a Data Breach?" outlines the multiple considerations associated with deciding whether, when, how, and what the company should communicate with potentially impacted individuals and the media following a data breach. The thoughtful post identifies potential upsides and downsides of non-mandated communications - appropriately taking into account potential litigation and regulatory risks, and educates companies about how the media may react to inform their decision-making and preparedness.
See also the firm's "Data Security Breach Handbook," which addresses communications in the broader context of multiple incident response activities, as well as incident preparedness (e.g., cyber insurance, WISPs) and other relevant issues. Access additional information & resources on our Cybersecurity/Data Privacy page. This post first appeared in the weekly Society Alert!