ManagedMethods Data Breach Protocol
In the event of a data breach, ManagedMethods will adhere to the applicable state data breach regulations of the impacted user(s).
A breach is any unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of personal information that we maintain.
Unencrypted information containing: individuals’ names or initials, social security numbers, driver’s license number or other identification numbers, financial information (i.e., bank account number, credit or debit card number), medical information, health insurance information, and other personal identifiers that we might have detected as sensitive data.
In the event of a data breach, the goal is to provide notice to affected parties as soon as reasonably possible.
Recipients of the Notice
We will notify both the impacted users and any known schools to which those users belong via contact information on record.
Information in the Notice
- Company contact information
- A general description of the breach incident
- An explanation, to the best of our knowledge, of what happened
- A listing of the types of personal information that is believed to be compromised
- If known, the date and time of the breach, or a best estimate
- Whether the notification was delayed as a result of law enforcement
- What steps the company has taken to mitigate the situation, prevent it from happening again, and advice to the impacted individuals on how they can best protect themselves
Method of Notification
Notifications will be sent via email to all impacted users. Written notice may be sent to the impacted schools in addition to email. Depending on where the impacted user lives, the may have a legal right to receive notice of a security breach in writing.