How to manage a company data breach

How to manage a company data breach

Your company data has been breached. What should you do? First of all, don’t panic. Adrian Phillips, Special Counsel at Jones Day, shares some practical steps and tips for preparing for and dealing with a data breach.

Tell us about your background and your current role...

After a number of years practising at a large City law firm, I started my in-house career as general counsel and Head of Risk and Legal Affairs for Visa in the UK. I then moved to San Francisco where I became the Deputy Chief Risk Officer for Visa globally. My next role was Head of Legal and Privacy at Amadeus in Madrid. Now I am Special Counsel at Jones Day as well as CEO of a company that is developing an off-the shelf SaaS tool to assist companies to comply more easily with the many laws and regulations in place today. My roles have given me an interesting insight into the myriad of issues associated with data breaches.

What happens when there has been a data breach?

It rarely happens that someone says: “we've been hacked”. You start seeing strange things going on in subsidiaries or in your own company. Someone notices something unusual from a technology perspective, for example in the software looking at the data leaving your system. It could also be that someone loses their computer or a disk. Keep an open mind as to whether it is an internal or external culprit – over half of breaches are by insiders.

Being contacted by the police or your bank is another indication. With cardholder information, what normally happens is that cardholders will call their bank to say they have noticed unusual transactions. The bank will contact one of the card schemes or call the police and they will then start trying to track down where the

Subscription Form

Already a subscriber? Login
RELX (UK) Limited, trading as LexisNexis, and our LexisNexis Legal & Professional group companies will contact you to confirm your email address. You can manage your communication preferences via our Preference Centre. You can learn more about how we handle your personal data and your rights by reviewing our  Privacy Policy.

Related Articles:
Latest Articles:

Access this article and thousands of others like it free by subscribing to our blog.

Read full article

Already a subscriber? Login

About the author:

Sophie is Head of Learning & Development at F-LEX Legal - an award winning legal tech startup helping law firms and organisations manage a flexible work force and supporting lawyers to make smarter life/work choices. 

As part of her portfolio career Sophie runs various learning and development and networking forums for in-house lawyers and mentors junior lawyers.  These include Flying Solo for small and solo legal teams and Aspire for junior in-house lawyers which she runs for LexisNexis UK.  She also works with schools and organisations to promote social mobility within the legal profession, working with The Social Mobility Business Partnership and Aspiring Solicitors. 

She trained as a lawyer in the City and worked as an in-house lawyer for 10 years including as Head of Legal for Virgin Radio and Ginger Media Group.  

Outside of work she is happily married with three sons and enjoys morning walks along the beach with her two dogs.