Today I wanted to talk briefly about data breach protection and data breach liability protection. Big companies aren't the only victim of data breaches. Approximately 31% of reported data breaches occur in companies with less than 100 employees. Most data breaches can be prevented if companies follow some basic security measures. On average companies pay $60 per compromised record in indirect costs.*
What is it? Data breach is defined as loss, theft or accidental release or accidental publication of personally identifiable information. For example: Social Security numbers, credit card numbers, bank account numbers, drivers license numbers, patient history and medication, and more.
Who needs it? Anyone who handles private customer, patient, business or employee information. Some key businesses are doctors, hospitals, retailers, wholesalers, lawyers, and even insurance companies. If you have access to or store private information of others than you need to be aware of and concerned about a potential exposure.
How does it happen? Data breach can occur several different ways. Most common is unauthorized access to the information. Sometimes by a hacker, former employee, or vendor. Stolen or lost paper files, computers, disks, cd's, usb drives, stolen credit card information, or simply oversight or error by staff are some other ways this can happen to you.
What can you do? First you need to implement and take proper precautions to prevent a data breach from occurring. There are legal requirements by State that provide guidelines on how this private information needs to be acquired and handled. Develop a plan on what to do if a data breach occurs.
Insurance carriers are aware of this potential exposure and aware of the cost that can be involved in enacting a data breach response plan should one occur. Many carriers are now offering Data Breach Response Expenses coverage and are automatically adding this coverage to the commercial package policy for certain classes of business, lie retailers for example, for no additional charge. This coverage could include up to $10,000 for the expenses incurred.
The coverage also comes with free data risk management solutions, to support us in providing business owners like you with data breach coverage. As an educational resource a data security website will also be available to you. The website will provide additional tips and best practices that will help you protect sensitive information. It also includes information regarding notification laws and regulations, and other resources.
Download a free copy of an Information Security Breach Response Plan template in the free reports section of our website or by clicking HERE.
Lastly, in addition, some carriers are now offering data breach liability coverage. This is a separate coverage and must be added by endorsement in most cases, if offered. It will pay money that you become legally obligated to pay as damages because of a personal data breach. The insurance carrier will hire an attorney to protect and defend you against any personal data breach law suit that may result up to the limits of insurance shown on the declaration page.
Please contact us to find out more information about data breach response expense protection and/or data breach liability protection, or to see if it is already included on your current policy.
*Verizon 2013 Data Breach Investigations Report and Ponemon 2013 Cost of Data Breach Study: Global Analysis