For the past several years, it seems like every other week there is a story in the news about a company getting hacked and that client information has been stolen. The theft of intellectual property, credit card information and confidential client information is becoming more commonplace and the hackers are more sophisticated and are better funded. It is anticipated that cybercrimes of this nature will cost the global economy over $445 billion this year. 
Photo credit: bocotek
So what do you do if your company is hacked and confidential client information is stolen? Kansas and Missouri both have statutes which specifically address the notice that is required to consumers for breaches of security in regards to personal information. Both statutes define consumer as a resident of the state. In both states a “security breach” is the unauthorized access and acquisition of unencrypted or unredacted computerized or other data that compromises the security, confidentiality or integrity of an individual’s personal information that causes, or is reasonably believed to cause, identity theft. In some instances a good faith acquisition of personal information by an employee or agent of an individual or a commercial entity for legitimate purposes may not amount to a breach of the security of the system, provided that the personal information is not used for or is not subject to further unauthorized disclosure. This exception should be carefully scrutinized before being invoked. Once a breach has been discovered, notice must be promptly given to the affected party unless a law enforcement agency informs the company in writing that notification may impede a criminal investigation or jeopardize national or homeland security. Once the order is lifted, prompt notice must be given. Proper remedial action will vary depending on the circumstances of each case. If this has happened to your business or you have questions about this, please give us a call!
