In the event of a cyber-incident/data breach, it is important to be able to rely on the advice of a General Counsel. The role of a General Counsel under the circumstances is to be available 24/7 and to be prepared to protect and defend the interests of the organization for the duration of the crisis by providing legal advice to the members of the Cyber Security Incident Response Team (CSIRT) and by taking various measures meant to mitigate the operational, reputational, liability, and compliance risks of the organization.
Depending on the state of preparedness of an organization, the role of General Counsel may include, among others, the structuring of the incident response team, the briefing of the board of directors, the vetting of press releases, the review of notifications to victims and authorities, the filing of insurance claims, legal proceedings, etc.
In light of the above, considering the pivotal role of a General Counsel, it must necessarily be assumed by a law firm well versed in Privacy and Cybersecurity matters.
This is why DUBÉ LATREILLE would be happy to share its experience with your organization both to prevent and to respond to a cyber incident involving PII.