Once your enterprise experiences a security incident involving the unauthorized access, acquisition, use or disclosure of personal information, a key legal inquiry is whether any notifications are required. Whether notifications should be provided as a best practice is beyond the scope of this article, but is a genuine consideration if a company believes that customers could be subjected to identity theft from a security incident regardless of legal obligations.



http://bit.ly/2JLgCuj
http://bit.ly/2JLgCuj+

--
Peterk
Dallas, Tx
[log in to unmask]
Save our in-boxes! http://emailcharter.org
“If only there were a massive entity that I were forced to fund to tell me how I should live my life, since I’m so obviously incapable of deciding for myself.” M. Hashimoto
To view the list archives go to: https://www.jiscmail.ac.uk/cgi-bin/webadmin?A0=RECORDS-MANAGEMENT-UK To unsubscribe from this list, send an email to [log in to unmask] with the words UNSUBSCRIBE RECORDS-MANAGEMENT-UK For any technical queries re JISC please email [log in to unmask] For any content based queries, please email [log in to unmask]