The growing exposure of Data Breach by Joshua Hankin
Posted by Devin Haughey on Wed, Oct 19, 2011 @ 02:33 PM
Hardly a week passes without another news story featuring a major company and the compromise of private customer data. Although companies such as Sony, TJ Maxx or CitiGroup receive the media focus, they are not unique in having exposure to data breaches. Smaller businesses are affected by these types of breaches everyday and while large companies may be able to absorb the costs, small businesses are risking valuable company assets in fines, penalties, defense costs and other expenses when a breach occurs and they have no coverage in place. Fortunately, there are many Insurance carriers offering comprehensive products to help protect the company’s assets and provide support in this time of need.
The most common question to arise when speaking about data privacy & security coverage is: “Who should buy this type of policy?” The short answer is every business. If your business handles any “personally identifiable information” on any of your customers, your business is at risk. In the Massachusetts regulation 201 CMR 17, Personal Information is defined as a MA resident’s First and Last name in combination with one or more the following: Social Security number; Driver’s License number; or a financial account number or credit card number. The definition is very broad and most companies would find it difficult to function without some of this information on hand.
A data “breach” can vary from something as simple as losing a laptop or USB drive containing customer information, to a malicious hacker attack stealing private client data. While IT firms can help mitigate the exposure to a breach, no system is 100% secure. It is estimated that up to 40% of data breaches occur from an internal mistake such as misplaced or stolen equipment. Due to the size of data and ease of access in digital formats, discussions about this type of breach tend to focus on electronic records however these policies also protect against breaches of paper records in a company’s possession as well. The breach itself might not lead to direct harm to a customer, but the exposure must still be recognized and handled appropriately.
States are constantly enacting new regulations to protect consumers from the dissemination of personal information. A misstep in handling a possible data breach, including timely notification to governmental bodies and customers, can incur heavy fines and penalties and it can be difficult for most businesses to navigate the constantly evolving landscape of these regulations. Luckily, many of the Data Breach policies in the current market provide a resource to turn to for guidance in the case of a breach. This expert resource can guide the business on how to best proceed and helping them limit their exposure to costly fines and penalties.
Property and Crime policies allow business owners to obtain protection for their companies’ assets from losses due to fire or theft, as most owners are aware of the detrimental effects those events can cause. But, costs associated with a data breach, if not properly handled, can easily be enough to seriously limit a company’s future viability especially when assets are already stretched thin and this area of exposure is growing larger every day. The insurance industry has seen this growing need and answered by offering comprehensive & affordable products to protect and mitigate against this exposure. Now is the time to explore this coverage to help protect your company’s assets and future.
For additional information contact Joshua Hankin - Senior Account Executive at DeCotis Insurance Associates jhankin@decotisinsurance.com
