Our comprehensive Breach Reporting™ provides mandatory reporting of compromised Personally Identifiable Information(PII) and answers the critical business need for swift and thorough response to a suspected or actual data breach.A breach or theft of PII could lead to what is better known as identity theft. Identity theft is the number one concern among consumers in the United States. For businesses, such a threat may lead to business reputation loss, civil fine or criminal prosecution.
To Report a Breach Call 1-855-PII-DATA
To Report a Breach Call 1-855-PII-DATA
A data breach or suspected data breach must be reported to a variety of Federal and State Regulatory agencies, as well as all credit card brands. Reporting is typically required within 72 hours of a breach. Breach Reporting™ team provides a point-of-contact to work with you to compile all key points of information and initiate the mandatory reporting processes.
If you are in business, you’re likely collecting Personally Identifiable Information (PII). Personally Identifiable Information is classified as any combination of the following:
- First and Last Name
- Social Security Number
- Driver License Number or Identification Card number
- Account Number, credit card number or debit card number in combination with any required security code, access code, or password that would permit access to the account;
- Medical Information (any information regarding an individual’s medical history, mental or physical condition, or medical treatment or diagnosis by a health care professional); or
- Health insurance information (an individual’s health insurance policy number or subscriber identification number, any unique identifier used by a health insurer to identify the individual, or any information in an individual’s application and claims history, including an appeals records).
In the wrong hands, this information can be used to initiate identity theft or support other criminal activity. Entities entrusted with PII are required to protect it by both federal and state laws.
The consequences of a breach are serious. Fines and other penalties are expensive and can tarnish your business reputation in the community. In many cases, civil fines and criminal sanctions can be assessed to businesses that fail to take the appropriate reporting steps to ensure customer protection. The public damage from a PII breach can further result in loss of credibility and customer confidence. Customers have sued companies directly when their personal information was compromised.
While well-publicized data theft incidents have involved some of America’s largest companies, smaller companies are actually at greater risk because of limited security resources, operating and management processes that fail to adequately safeguard this data and less secure systems. Many data theft cases are found to have help from the inside —an employee or contractor who either initiates the theft or assists in facilitating the plan. The question is not “if” a loss of protected data will occur but “when”—and what to do when it happens.
The first line of PII response is to report a breach or suspected breach immediately.
While well-publicized data theft incidents have involved some of America’s largest companies, smaller companies are actually at greater risk because of limited security resources, operating and management processes that fail to adequately safeguard this data and less secure systems. Many data theft cases are found to have help from the inside —an employee or contractor who either initiates the theft or assists in facilitating the plan. The question is not “if” a loss of protected data will occur but “when”—and what to do when it happens.
The first line of PII response is to report a breach or suspected breach immediately.
To Report a Breach or Suspected Breach
A breach or suspected breach of PII could include any of the following information:
- Names
- Addresses
- Social Security Numbers
- Drivers License Numbers
- Credit Card Numbers
- Date of Birth
Call 1-855-PII-DATA - Please be prepared to provide the operator the following information:
- Member Number
- Your Name
- Business Name
- Business Address
- Business Phone Number
- Last 4 digits of your Social Security Number
- Description of the Event ( The Operator will guide you through the process)
- Your Supervisors Name
- Your Supervisors Address
- Your Supervisors Phone Number
- Your Supervisors Email Address
Once Breach Reporting™ Operators have verified your information, Breach Reporting™ will report to the proper authorities. Once the reports are submitted, further information may be requested from you or the management of your company. Breach Reporting™ will not be a part of this process.
If you call After Hours or are asked to leave a message please provide the following:
- Member Number
- Your Name
- Business Name
- Best Number for a callback from a Breach Reporting™ operator
Messages left between 7:00am – 5:00pm Eastern, will receive a call back within the same business day. For messages left after 5:00pm Eastern, a call back will be received the next business day.
What to do in the event of a breach:
1. Call 855-PII-DATA immediately, - the agents will capture key pieces of information and begin the process
1. Call 855-PII-DATA immediately, - the agents will capture key pieces of information and begin the process
2. Immediately contain and limit the exposure. Prevent further loss of data by conducting a thorough investigation of the suspected or confirmed data breach.
3. To preserve evidence and facilitate the investigation:
a. Do not access or alter compromised computer systems (i.e., don’t log on at all to the machine or change passwords)
b. Do not turn the compromised machine off. Instead, isolate compromised systems from the network (i.e. unplug the internet connection cable)
c. Preserve logs and electronic evidence
d. Log all actions taken
e. If using a wireless network, change the Service Set Identifier (SSID) on the Access Point (AP) and other machines that may be using the connection with the exception of any systems believed to be compromised
f. Be on “high alert” and monitor all systems
4. Reports must be filed within 72 hours