Home: Credit Monitoring : Should Victims of ID Theft be Notified Sooner or Later?

Should Victims of ID Theft be Notified Sooner or Later?

Posted by Grace Alexander on Wednesday, December 31st, 2008

Chris Wolf dislikes people taking his name in vain. He believes that many companies notify victims TOO SOON after a breach of security. Of course, he’s an attorney and head of the Proskauer Rose (Washington, D.C.) law firm’s privacy and security group, so he might have a little different take than the average Joe.

‘Never Cry Wolf’, Says Wolf!

In a recent interview with Wolf, he stated that breach notifications should be delayed until all the facts are in about what was lost and who was affected. The basic topic of discussion was the potential for a U.S. Federal breach notification law and the impact on business of similar state regulations:

Many of the state regulators who are focusing on [timely notification] are focused on the chronological amount of time between breach and notice. I’m not sure they have a sufficient amount of knowledge of what is involved when a company needs to get its arms wrapped around a breach. Before a company can notify, they need to find out who has been affected and what has been exposed. It is better to have an accurate notice than to cry wolf.

Wolf went on to say that organizations unable or unwilling to react immediately to protect customer, employee, or patient information should reconsider their need to keep it at all. This could be extrapolated to almost any type of company in the world – and does.

Online Companies Realize Danger of Storing Data

Only recently, the search engines that run the internet (Google, Yahoo and Microsoft) have been the subject of scrutiny regarding information they keep about user’s identifying data online. They seem to be leaning towards a shorter storage time of such data – prompted no doubt by major security issues throughout the past year. Other organizations that deal in even more personal matters, such as medical facilities and the like, are constantly under cyber attack, as are schools, federal and state institutions, and hundreds of other venues.

Wolf concluded:

Businesses need to be ready in advance of a breach to know what needs to be done… This is necessary to avoid the regulator scrutiny that has occurred in past cases. If I were to give one piece of advice to businesses, it’s get ready in advance for a breach because it is more than likely it’s going to happen to you.

The Buck Stops With You

Most people would want to be notified immediately if their data was compromised, to have time to head off trouble. As always, we must be our own vigilant protectors – keeping a list of who has you data and why is a good idea, as well as investing in an ID theft protection program that might at least give you an early warning if the company attacked doesn’t feel the need to let you know your information has been compromised!



Filed under Credit Monitoring

 Subscribe to this site   

You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Comment


Credit Monitoring Reviews

Identity Theft Tips
ID Theft Ebook Special


Website Resources

Please contact us for more information or questions about this website.

Learn more about us and what this website can do for you.

If you find this site to be of interest, please link to us.

Visit our directory for related websites and services you may be interested in.

Browse our site map for all articles and resources on identity theft.

Please read our privacy policy and terms of use.

Bookmark this Page