
Behind the Firewall ft. Suzette Corley
A breach notification policy doesn’t have to be complex, but it does have to exist.
During a recent privacy audit, one of our auditors, Suzette Corley, asked a simple question: “What’s your breach notification process?”
The answer? Silence. Followed by: “We’d figure it out if something happened.”
That’s more common than you think. Many companies assume they’ll improvise when a breach occurs. But when the clock starts ticking, improvisation becomes expensive. In some states, failing to notify within the required timeframe can cost $750 per record, per incident. Not to mention the reputational damage that comes with…
Breach notification is a lifeline. Without a clear policy, teams scramble. Legal doesn’t know who to call. Compliance doesn’t know what to report. Regulators don’t get notified. And the business bleeds time, money, and trust.
A strong policy doesn’t need to be complex. It can start with:
✔ Who gets notified (legal, regulators, internal teams)
✔ A simple escalation path (“Internal person calls external person”)
✔ A checklist of actions
✔ Regular drills—just like a fire evacuation
Because when a breach hits, clarity beats chaos. Every second counts.
One missing policy can turn a manageable incident into a multimillion-dollar disaster.