Ever since the GDPR was introduced, the subject of data breach notifications has worried a lot of people. How do you write one? What do you need to include? What will the ramifications be? Will it make your customers run for the hills? Will it get you fired?
I’ve got news for you, courtesy of Computing.co.uk, one of the technology websites I subscribe to. They can be polite, informative, and leave a favorable impression. This is an email I received from them the other day:
The email gives the background, the details, the steps they’ve taken to mitigate the risk, the option to reset my password – everything I would want to know in just 286 words. It doesn’t pull any punches, but neither does it come across as an apology on bended knees.
The subject line to the email, incidentally, was Notification of a potential data security breach of your password. Honest, open, and enough to make me read the email – and then be reassured by the content of the email.
So if you’ve been wondering what to do if you have to write a data breach notification, a good first step is to follow the example of Computing.co.uk. They’ve done a lot of the hard work for you.
And, yes, I remain a subscriber.
If you’d like to know more about data breach notifications, there’s a fascinating article by William Brewer on Redgate’s technical journal, Simple Talk.
Also in Audit & Compliance
SQL Server 2008 and SQL Server 2008 R2 are out of extended support as of July 2019, but the end of bug fixes, security updates and ongoing support has far-reaching data privacy implications, as James ...
Also in Blog
It’s that time of year when business leaders and managers in organizations of all shapes and sizes are considering what the next 12 months’ strategy and beyond should look like. Specifically, what...