The results from SCIPP International’s recent survey of association’s data breach preparedness are now available on SCIPP’s website by clicking here.

In my review of the results, the most disturbing item is that only 1/3 of associations surveyed actually have a data breach response plan. Given that a data breach is not a matter of if but when, not having a plan seems to me a risk that associations shouldn’t be taking.

Does YOUR association have a data breach response plan? If not, why not?