According to the recent guidance from the Federal Trade Commission, regardless of whether a breach notification law applies, a breached entity that fails to disclose information to help parties mitigate reasonably foreseeable harm may violate Section 5 of the FTC Act. The guidance also shares that effective detection and response capabilities are core components of a security program and when they fail, companies should effectively and completely disclose what happened.

The post One Step Closer To A Standard? FTC Guidance On Breach Notification Obligations appeared first on ComplexDiscovery.