Patricia M. Wagner, Chief Privacy Officer and a Member of the Firm, in the firm’s Washington, DC office, was featured in Corporate Disputes magazine, in “Expert Forum: Data Protection and Cyber Security Litigation.” The Q&A asked panelists to reflect on the data protection and cyber security challenges companies face today.
Following is an excerpt (see below to download the full article in PDF format):
CD: How would you characterize the potential risks, liabilities and penalties facing organizations whose cyber security and sensitive data has been compromised? …
Wagner:Every organization that holds consumer data, particularly sensitive consumer data, is facing a risk that the data will be compromised. The goal is to be able to manage that risk, through appropriate safeguards, constant assessment of the environment, appropriate policies and procedures and oversight. In that way, in the event a breach does occur, an organization that is able to demonstrate that it took reasonable and appropriate steps to secure the information it held mitigates the risk of a fine or penalty being issued by a regulatory agency. While private civil litigation may be, at this point, inevitable in any substantial breach, organizations that have response plans in place prior to the breach can mitigate and minimize the likelihood that the breach will cause harm to individuals. While that may not avert litigation being filed, it provides the organization with strong defenses in the litigation.