Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

You Are Here:Home » E-Government, Government Documents, ID Theft, PC Security » Department of Commerce Breach Notification Response Plan

Department of Commerce Breach Notification Response Plan

by on

Department of Commerce Breach Notification Response Plan, September 28, 2007 (21 pages, PDF)

  • This Plan identifies key Department officials who will serve on the Identity Theft Task Force (ID Theft Task Force) to develop strategies for handling data security breaches, including those incidents posing a potential risk of identity theft. In addition, the Plan specifies the responsibilities of the ID Theft Task Force, whose mission is to provide advance planning, guidance, in-depth analysis, and a recommended course of action in response to a data breach/loss. In the event of a data breach/loss declared by a Department Bureau/Office to be of moderate or high risk, the ID Theft Task Force will be convened promptly, conduct a risk analysis to validate the level of risk associated with the loss, review all relevant compensating controls in place to protect the data after the loss, determine whether the breach poses risks related to identity theft or other harms,3 and timely implement a risk-based, tailored response to
    each breach. As part of this process, the ID Theft Task Force will consider all existing compensating controls available to protect PII data after loss.”
  • Network Working Group of the Internet Engineering Task Force, request for comments (RFC), Network Ingress Filtering: Defeating Denial-of-Service Attacks Which Employ IP Source Address Spoofing, May 2000
    • LinkedIn

    Sorry, comments are closed for this post.