Call Today! 501.525.5752
When a breach occurs the clock starts ticking to comply with federal, state and other laws. Reporting involves the where, when and how of the incident.
The simple answer is it’s anything that can be used to identify you.
Types of personal information include: name, address, phone, email, birth dates, Social Security numbers, driver’s license, bank account and credit card information.
The loss of this information leads to identity theft.
Other personal information includes health information, medical records, Vehicle Identification Numbers, license plate numbers, login credentials and passwords, school records as well as voice recognition files. Fingerprints, retina scans, and handprints are also considered personal information.
The unauthorized access, loss, use or disclosure of information by either accident or criminal intent which can identify an individual.
A breach can occur in many ways, including through lost laptops or smart phones, improper disposal of paper records, or intrusion into your network or PC by hackers. The definition continues to expand.
More than 100 countries, as well as 300 federal, state and local authorities require reporting. In addition, reports may need to be filed to Visa, MasterCard and other non-governmental entities. Who you need to report to in the event of a particular breach may depend on multiple factors, including where customers locations and what kind of PII was involved in the breach.
Enforcement officials include various federal and state agencies as well as attorneys general, commissioners and others. Here are a few examples:
Here are a few examples of the hundreds of laws and regulations that relate to the protection of personally identifiable information and requirements to report suspected or r
PCI data is just one type of personally identifiable information. The PCI Data Security Standard protects credit cardholder data such as debit or credit card number, expiration date and card security code.
It helps you fulfill your mandated requirement to comply with federal, state and other laws to report the loss of personally identifiable information.
It’s a simple process. If you lose, or even suspect you may have lost, personal information, just call the Breach Reporting Hotline, professionally managed by CSR. Privacy professionals take the information and file any mandated reports, if they are required.
CSR operators accept calls 24 / 7. Calls received between 9 AM – 6 PM Eastern will be returned by a privacy professional the same business day within 2 business hours. Calls placed after 6 PM Eastern will be returned the next business day by a privacy professional.
CSR personnel have all received and maintain one or more CIPP (Certified Information Privacy Professional) certifications from the International Association of Privacy Professionals (IAPP). As a company, CSR is certified in every concentration available, which includes the CIPP U.S., Canada, Europe, and Government, the CIPM designation for Certified Information Privacy Manager, and the CIPT designation for Certified Information Privacy Technologist
In the event you believe you may have lost personal data, call the Breach Reporting Hotline number you receive from us. If you’ve misplaced the number, please call us.
No, our service will file reports, as necessary, on your behalf.
You should still call the Hotline. Leave it to the privacy professionals to determine whether any reports need to be filed.
Will you share the details of my reports?
The privacy professionals are not allowed, by law, to relate what you tell them to anyone other than the authorities who mandate reporting.
We don’t recommend it. We provide this service at an affordable price to enable you to comply with mandated reporting in the event of an incident. You’ll have privacy experts who will relieve you of this burden. If you opt out, you increase your risk of liability, including civil and criminal sanctions, from failing to meet the reporting requirements.
You can opt out at any time, but remember you will increase your risk of liability, including civil and criminal sanctions, from failing to meet the reporting requirements.
It is highly unlikely. The CSR award-winning, patented, services were designed and developed by CSR privacy experts. It is not insurance. If you are not sure, provide us with information on the other provider and we will review it to compare.
Click here to learn more about our data loss preparation and breach reporting services.