AP reports that New Hampshire’s health commissioner is offering an extra apology as his agency deals with a data breach that led to personal information of up to 15,000 people being posted online.
The extra apology follows recent media coverage describing the emotional reaction of a woman who received a letter addressed to her son who died nearly eight years ago.
The woman’s reaction, shared publicly, serves as a useful reminder to us all: when notifying people about a breach that may have occurred a while ago, realize that some of them may be deceased, and it will be their survivors who receive and read the notification. And receiving that letter may be a painful reminder of their loss.
Perhaps in such situations – where you might reasonably expect a percentage of those being notified will have died in the interim – include a statement in the notification that if the recipient is receiving notification for a deceased relative, you’re genuinely sorry for reminding them of their loss, but you are trying to protect them from being victimized by those who would misuse their loved one’s information.
#JustAThought