How should organizations handle information sharing with law enforcement?

• A. Do not report credible threats.
• B. Share all employee data publicly.
• C. Report credible threats promptly, preserve evidence, share relevant information while protecting privacy and complying with laws.
• D. Wait until after an incident before sharing any information.

Answer: (C)

Handling information sharing with law enforcement hinges on acting quickly when there is a credible threat, while protecting privacy and following legal rules. Reporting credible threats promptly allows law enforcement to assess risk and intervene before harm occurs. Preserving evidence ensures information collected can be used effectively in an investigation, maintaining its integrity and usefulness over time. Sharing only relevant information helps investigators do their job without exposing unnecessary personal data or violating privacy laws, and doing so through proper channels keeps the process secure and compliant. In practice, organizations should follow established escalation procedures, notify the appropriate security, legal, or compliance contacts, document the threat and actions taken, maintain a clear chain of custody for evidence, and share information in a controlled, lawful, and privacy-respecting manner. Not reporting threats misses a preventable danger, publicly sharing all employee data breaches privacy and legal protections, and waiting until after an incident removes the chance to prevent harm and complicates response and investigations.