Bart Lazar Published in CIO.com
"8 Cheap Tips for Avoiding Pesky (and Expensive) Data Breach Notifications"

Bart Lazar’s article, "8 Cheap Tips for Avoiding Pesky (and Expensive) Data Breach Notifications," was published in the October 10, 2008 issue of CIO.com. In his article, Bart discusses the many security breach laws across the country, which typically require that holders of unencrypted personal information send notices to affected individuals in the case of an actual or suspected security breach. According to Bart, "the problem with the state database security breach laws is that they are reactive and not proactive." He continues that "there appears to be little hard evidence that demonstrates that consumers are able to avoid identity theft because they receive notifications when their electronic data may be subject to a security breach." Bart says that companies are spending millions of dollars in dealing with notifications that could be better spent on better security procedures, technology and training.

Bart provides cost-effective, proactive tips for businesses to help them avoid data breaches in the first place, thereby avoiding costly data breach notifications. A few of his recommendations, include the following: restrict the placing of personal identifying information on laptops and require any personal information that is placed on laptops to be encrypted; replace or truncate social security numbers; impose restrictions and conduct due diligence on vendors; and, finally, communicate your policies to your employees.