data security image

Liability for Data and Privacy Breaches

Reporting on statistics released by the Identity Theft Resource Center (ITRC), noted that there have been 368 data breaches reported so far this year to the center – 46.5% of them at healthcare and medical companies. Business and government made up the bulk of the remaining breaches.

What is a data breach, and how does it happen?

We keep hearing the term data breach, but what does it mean, exactly? The ITRC’s definition of a data breach follows U.S. Federal guidelines – a breach is a situation in which the mix of personal information accessed can compromise an individual. The theft of Social Security numbers, medical information, email addresses and passwords all fall under this umbrella.

Most of us also think of a group of hackers working in a dark room somewhere in a remote country, but data is exposed in many ways – and sometimes it’s our own fault. A good primer on the topic is provided by the MIT Information Systems and Technology Department. Theft, notes MIT, is one of the main ways that criminals access personal information over computer networks, but MITnotes that loss of media can lead to a data breach – and anything from a lost iPhone to hard drives, and tapes can be the culprit. In fact, MIT reports that one in four breaches at universities are caused by theft.

Neglect and insecure practices can easily lead to the loss of sensitive data. Do you know how data is stored and secured at your workplace? How about wireless network practices, or document shredding? How do you swipe hard drives and recycle computer equipment at your company when old computers and laptops are retired?

Liability laws are changing

There are hundreds of ways hackers can get into your business, into your data, and exploit your information. It is very cumbersome and expensive to hire the right firms to oversee all your systems, and manage them on an ongoing basis.

But it may be more costly to avoid doing everything in your power to protect yourself against a data breach. A recent Forrester Brief, Legal Costs in a Customer Data Breach now Pack a Bigger Punch, provides an overview of a case in which two laptops were stolen from AvMed’s corporate headquarters. The result was the exposure of 1.2 million customer records, and a class action legal battle that is “setting new precedents for monetary reimbursement for breach victims.”

In the future, the onus will be on companies to securely accept, track, monitor, and retire data. It’s a big job, and there is almost no way that your defenses can be 100 percent secure.

On the open market, data and privacy coverage can assist with some of the issues brought on by a data breach, but as consumer awareness rises and laws are updated, you’ll need to stay on top of your coverage – you never know when a senior IT exec might accidently leave his tablet on a plane, or when an angry employee will steal the wrong file.

Check out the coverage you have available, and contact us if we can help you arrange coverage through a captive.