It is almost impossible to be a business and not collect personal identification information – names, addresses and Social Security numbers etc,. about your customers or employees. If this information is lost or stolen, it could put these individuals at risk for identity theft.
What steps should you take and whom should you contact if this information is compromised? Answers vary depending on the situation; however, the following information can help you make smart, sound decisions.
Here are 3 important steps to take when you first realize your business has encountered a security breach.
1. Notify Law Enforcement – When the breach could result in harm to a person or business, call your local police department immediately. Report your situation and the potential risk for identity theft.
2. Notify Affected Businesses – Information compromises can affect other businesses, such as banks or cred issuers. If names and Social Security numbers have been stole, you can contact the major credit bureaus for additional advice.
3. Notify the Individual – Generally, early notification to individuals whose personal information has been stolen allows them to take steps to mitigate the misuse of their information.
The Federal Trade commission (FTC) provides guidance to businesses regarding information if their company has had a data breach.