Recommendations for Identity Theft Related Data Breach Notification (PDF; 1.9 MB)
Source: Office of Management and Budget (OMB)
“This memorandum describes three related recommendations: (1) Agencies should immediately identify a core response group that can be convened in the event of a breach; (2) If an incident occurs, the core response group should engage in a risk analysis to determine whether the incident poses problems related to identity theft; (3) If it is determined that an identity theft risk is present, the agency should tailor its response {which may inctude adviceto those potentially affected, services the agency may provide to those affected, and public notice) to thenature and scope of the risk presented. The memorandum provides a menu of steps for anagency to consider, so that it may pursue such a risk-based, tailored response. Ultimately, the precise steps to take must be decided in light of the particular facts presented, as there is no single response for all breaches. This memorandum is intended simply to assist those confronting such issues in developing anappropriate response.”
See: OMB issues data breach guidance (GCN)

This entry was posted on Friday, September 22nd, 2006 at 9:44 pm and is filed under Government and politics, Privacy, Technology. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.