Planning for common crisis situations is a duty of communication leaders. Crisis planning deepens your thinking in ways that better equip you as a communicator to manage any crisis. Planning also uncovers barriers within a company that take time to overcome – time that is absent in a crisis.

I made comments based on these ideas to TechRepublic for an article on healthcare data breaches: What happens when your healthcare data is stolen or held for ransom? It depends.

“The organization still needs to communicate with its stakeholders and the wider public about the impacts of the attack, even if it cannot describe the attack in any detail. Communication leaders in healthcare organizations should prepare a roadmap for responding to both of these situations – before they occur.”

Data breaches and ransomware attacks require communication leaders to work closely with senior leaders, IT and information security experts, and legal counsel to develop an effective communication strategy. The strategy must reflect the operational and legal steps the company will be taking after the discovery of the situation. To work effectively together in a crisis takes planning, practice and a good working rapport, as noted in this blog post on the benefits of crisis communication planning.

For a company that has discovered a data security incident, the legal disclosure requirements are just one consideration. In many cases, the right strategy may be to disclose as soon as a decent accounting of the facts is available, even if federal and state laws and regulations do not require public disclosure. The communication strategy depends on what happened, how it happened, what the organization is doing for those affected by the breach, and what the organization is doing to prevent it happening again.

Describing what the organization did previously to prevent or mitigate a ransomware attack or other IT disruption would be a strong message to include in these communications, if they can be revealed.

Crisis communication planning can’t foresee every possible crisis. Planning for common situations an organization may face provides an initial framework for working through a crisis, and builds the skills and internal infrastructure needed to manage crises that you never could have anticipated.

Image by Pete Linforth via Pixabay