Skip to content
iQ 360
An integrated communications agency
360
  • Home
  • Our Work
  • Capabilities
  • About
  • Join Us
  • Blog
  • Contact
We build + protect reputations

Data Breach Communications: Your Crisis Checklist

08.14.19 | by iQ Staff
  • Share via
Crisis Communications, PR
  • Share via

It can happen to any company, and affect virtually anyone. A data breach is all too common an occurrence these days, hitting internet giants like Yahoo, hotel leaders like Marriott and big box retailers like Target. It even struck Equifax, a company consumers turn to for credit monitoring, prompting the largest data breach settlement in history.

When data is compromised, it’s a crisis — the type of crisis that stops everyone in their tracks. Companies must be prepared to communicate or risk severe reputational damage, which may be impossible to repair. Here’s an essential primer on effective communication in the face of a data breach.

 

Prepare immediate, necessary communications

A data breach is obviously a special type of crisis and mandates thorough preparation beyond a basic crisis communications plan. Your executive and legal teams should be prepared with appropriate plans and precautions to make formal, public disclosures, notify customers, as well as communicate with law enforcement. Any or all of these actions may be immediately required depending on the industry and type of data compromised.

 

Make proactive statements

While there may be circumstances that prevent companies from communicating proactively about a breach, a public notification is often the best way to help preserve a company’s reputation and possibly contain the crisis by inviting affected customers to closely monitor their credit activity. The communications team must work closely with the legal team, and outside counsel if needed, to understand any federal or state notification laws that might be applicable.

 

“Communications, on several levels, needs to kick into high gear in the face of a data breach.”

 

Manage misinformation

Whether or not a company chooses to communicate about a data breach, information may find its way into the public domain via well-connected journalists or customers communicating on social media. If you’re not legally restricted, correct the record as quickly as possible and continue to be vigilant monitoring for falsehoods.

This is another reason why a proactive statement right out of the gate, circumstances permitting, may be the best bet. Often the first account of a news item is the one that sticks, and being first goes a long way toward owning the narrative.

 

Brief trusted reporters

Your communications team likely has at least a handful of trusted journalist contacts that have an interest in disseminating the facts to their readers. It may make sense to spend time with these reporters, even after a public disclosure, to help provide context and details to the story.

 

Provide ongoing updates

It is important to update the media and the public about post-breach activity when new information becomes available. Rebuild trust by reassuring customers and the marketplace that the security of their information remains a priority. This is the time to activate those legions of social media followers that the communications team has been cultivating. One caveat: these communications should be timed and crafted carefully, so as to avoid creating any additional confusion.

When a data breach occurs, unaffected companies may breathe a sigh of relief and say, “At least it wasn’t us.” Unfortunately, based on the frequency of data breaches — more than 6,500 were reported in 2018 alone — the next breach is likely right around the corner. If it does affect your company, being prepared will go a long way toward communicating effectively with your most important stakeholders.

  • Share via

Top Picks for You


March 29, 2023

iQ Interview Series: Marie Kennedy on Corporate Boards and DEI →

February 15, 2023

2023 Super Bowl Commercials: Our Top Picks →

Post navigation

 5 Tips For Creating Content That Matters
Creating a Digital Program: How to Build B2B Relationships Online 

Categories

C-Suite
Tactics & Tips
Visual Communication
iQ Insights

Must Reads

March 11, 2020

Communicating During Times of Uncertainty →

April 15, 2020

Why Internal Communication Should be Your Top Priority →

October 9, 2019

The Real Value of Diversity in Marketing →

Stay in the know with our quarterly newsletter
Loading...
iQ 360

We believe in the power of communication to change the world

808.536.2729
Privacy Policy | ©2023 iQ 360 Inc. All rights reserved.
We are a certified minority- and woman-owned business.
iQ 360

We believe in the power of communication to change the world

808.536.2729
Privacy Policy
©2023 iQ 360 Inc. All rights reserved.

We are a certified minority- and woman-owned business.

Privacy Policy

Last updated on June 5, 2018.

 

This privacy policy explains our collection, use, disclosure, retention, and protection of personal information collected through our website, www.iq360inc.com (the “Website”).

 

  1. Information We Collect

We collect personally identifiable information about you, including your name, email address, and phone number, when you send an inquiry to us on the contact form on the Website.

 

  1. How We Use Your Information

We will use your information only to respond to you regarding the reason you contacted us. We will contact you by the means by that you have consented to us contacting you, as you indicate when you submit an inquiry to us via the Website.  We will not share your information with any third party outside of our organization.  We do not send any promotional emails; however, we may contact you via email in the future to tell you about changes to this privacy policy.

 

  1. Cookies

 

  1. Storage of Information

Personally identifiable information that you submit to us via the Website is processed and stored, if at all, in the United States.  We will not keep your personal data for longer than is necessary for the purposes for which it was collected.  We determine the retention period based on the purpose for which the information was obtained, our legal obligations, and our technical and business requirements. 

 

  1. Your Access to and Control Over Information

You have the right to opt out of any future contacts from us at any time. You may do the following at any time by contacting us via info@iq360.inc.com or 808-536-2729:

  • See what data we have about you, if any.
  • Change/correct any data we have about you.
  • Have us delete any data we have about you.
  • Express any concern you have about our use of your data or if you feel that we are not abiding by this privacy policy.

  

  1. Security

We take precautions to protect your information. When you submit sensitive information via the Website, your information is protected both online and offline. Only employees who need the information to perform a specific job (for example, customer service) are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment.

 

  1. Updates to This Statement

This privacy policy may be subject to updates.  Any material future changes or additions to the processing of personal information as described in this privacy policy affecting you will be communicated to you through an appropriate channel.  For example, we may email you to let you know about updates to the privacy policy.

 

 

Subscribe

Emails collected through this form will be used for marketing and business updates. We are the sole owners of the information collected on this site. We only have access to information that you voluntarily give us. We will not sell or rent this information to anyone. You may opt out of any future contacts from us at any time by contacting us via the email address or phone number given on our website. Please see our privacy policy for full details.