Businesses, both big and small who are privy to sensitive client information, need to protect themselves against an ever increasing risk of having computer records fall into the hands of unauthorized individuals or organizations. Healthcare practices such as doctors and dentists, law offices, accountants and bookkeepers, retailers, restaurants and financial services are especially at high risk because of the amount of information, the volume of the information, the sensitivity and the number of people having access to the information.
Data Breach is defined as any loss, theft, accidental release or accidental publication of information that personally identifies someone’s protected vital records or protected health information. These include social security numbers, bank records and account information, credit or debit card numbers, driver’s license numbers, email addresses, patient history and medical records. Any of these occurrences is subject to major penalties and fines from various governmental agencies as well as major lawsuits against a company. We are all familiar with the phrase “hacking” from many news stories reporting security breaches against government and news agencies as one way Data Breach can occur. Other ways it can occur are through the theft or release due to unauthorized access from former employees or vendors, stolen or lost documents and electronic files, stolen or lost laptops, smartphones, tablets or flash drives and computer disks, stolen credit card information, and employee error or mistakes. And now as businesses move data into the “cloud”, an even greater possibility of data compromise exists.
Many business insurance carriers now provide cost-effective protection against Data Breach that can help a company maintain its reputation and long-term solvency. Insurance coverage includes: 1 ) Legal and Forensic services to determine if a data breach has occurred and assist the client with regulatory compliance; 2) Notify assistance to employees, customers and other organizations with letter preparation and mailing expenses; 3) Crisis management and Public Relation effort assistance; 4) Advertising support that helps organize and create a media response and 5) Monitoring services to pay for credit, fraud, public records or other monitoring alerts.
Small businesses are especially vulnerable to Data Breach. Sixty-four percent of data breaches investigated in 2010 were from organizations with fewer than 100 employees and 95% of ALL credit card breaches are against small businesses. Further, the majority of small businesses have no data security policy in place. (Verizon Rick Team, US Secret Service and Dutch High Tech Team, 2011).
We strongly encourage you to contact your insurance agent to see what types of Data Breach coverage are available from your current carrier or other carriers he or she represents. It is an investment you need to make to keep your company viable in today’s 21st century marketplace.