Data security events are often seen reactively – now that it’s happened, what do we do? That reactive approach is a recipe for failure and liability. Your data breach strategy needs to be in place long before any breach, and to address pre-event activities and planning – the best data breach is the one that didn’t happen because you prevented it. But if it does happen, you need to be prepared. Waiting until it happens and then trying to get a game plan together is going to be too little too late. This session will look at both the current state of the law – what you must both before and after the breach to comply with legal obligations – and the strategies you can employ to meet those obligations. This session is a must for any lawyer with a commercial client – virtually every IT system has a web interface, making every client subject to potential breaches. Lawyers need to know what their clients’ responsibilities are, and how to advise them when a breach occurs.