What is the process for reporting a data security breach?
In Hawaii, any individual or organization that finds out about a data security breach must report it to the Information and Privacy Office. Depending on the type of breach, the reporting process can differ. For breaches related to federal agencies, the reporting process involves informing the Office of Information Management and Security (OIMS). OIMS will then work with the affected individual or organization to submit a report to the Aloha Breach Notification Portal. In cases of breaches related to state-funded entities such as libraries, schools, and businesses, the reporting process involves informing the Office of Enterprise Technology Services (ETS). ETS will then work with the affected individual or organization to submit a report to the Hawaii Data Breach Notification Law. If the breach involves a ransomware attack, the affected organization must contact the Hawaii Fusion Center, which is part of the Hawaii Department of Public Safety. The Fusion Center will then work with the affected organization to gather and document information about the attack and submit a report to the appropriate agencies. To help organizations comply with the reporting process, the state of Hawaii provides free online and in-person security assessments. These assessments provide information on the best practices for data security and also help organizations prepare for potential breaches.
Related FAQs
What should I include in my data security policy?What is pseudonymous data?
What is a Data Retention Policy?
What is the California Online Privacy Protection Act (CalOPPA)?
What is the Health Insurance Portability and Accountability Act (HIPAA)?
What are the security requirements for mobile devices?
What rights do I have when it comes to data security?
What is the purpose of the GDPR accountability principle?
What is the UK’s Data Protection Act (DPA)?
What is the Payment Card Industry (PCI) Data Security Standard?
Related Blog Posts
Top 5 Recent Developments in Data Security Law - July 31, 2023Understanding the Impact of Data Security Law on Businesses - August 7, 2023
What is the GDPR and How Does it Apply to Data Security Law? - August 14, 2023
What is the Role of the Federal Government in Regulating Data Security Laws? - August 21, 2023
Are State Data Security Laws Compliant With GDPR Regulations? - August 28, 2023