Incident Response Plans: A Comparison of US Law, EU Law and Soon-To-Be EU Law

The best way to handle any emergency is to be prepared. When it comes to data breaches incident response plans are the first step organizations take to prepare.¬†In the United States, incident response plans are commonplace. Since 2005, the federal banking agencies have interpreted the Gramm-Leach-Bliley Act as requiring financial institutions to create procedures for handling data security incidents.1¬†Although there is no federal statute that requires the majority of other types of organizations to create an incident response plan, state data safeguards and data breach notification statutes provide incentives for many other organizations to craft response plans. …

Response plans