Client Information Security Helping Organizations Protect Private Client Data


Dealing with Data Breaches

With the proliferation of data breaches and the growing stringency of federal and state laws to protect consumers, business owners are more careful than ever before and are taking steps to prevent breaches from happening. Consequently, many business owners are setting up measures to protect their businesses, should a data breach occur. After all, dealing with a data breach is no walk in the park. It involves tremendous cost and subjects business owners to the compromising situation of having to lose (and work to regain) customers’ trust and, oftentimes, having to deal with lawsuits. A Ponemon Institute study sponsored by Symantec revealed the average cost of a data breach to be at $7.2 million in 2010.

In light of the legal trouble and the big price tag involved in a data breach, more and more businesses are setting up a breach policy. In addition, with high-profile data breach cases being picked up by the media, more and more business owners are considering getting data breach insurance. All businesses, big or small, need this kind of insurance coverage. A data breach is a serious threat to one’s business. It does not discriminate as it can happen to any type of business.

Here are some tips to setting up your breach policy and getting data breach insurance.

Setting up a Breach Policy

Carefully examine the flow and storage of electronic and paper-based data in your business. Evaluate your company’s level of exposure to data breach.

Study all stipulations of federal and state laws on data breach.

Read and study existing breach policies of other businesses, particularly those operating in the same location and/or field as yours.

Set up your own breach policy, aligned with federal and state law stipulations, the size as well as the culture of your business.

Review all items of your breach policy, iron out conflicting items and loopholes.

Be sure that all of your customers are made aware of your business’ data breach policy.

Be proactive and anticipate the many possible data breach scenarios that your business may deal with. Lay out a contingency plan for each scenario.

Getting Data Breach Insurance

Evaluate your business’ level of exposure to data breach. Identify the types of data at risk and the amount of impact a breach may have with each type of data identified.

Evaluate your business’ security plan. Identify the types of measures being employed, hardware/software in use and internal policies on handling data. Your insurer will need this information.

Conduct due diligence and explore the many options you have with different insurers. Choose a policy that best suits your business: its size, operating environment, existing cyber security plan, existing state and federal law, etc.

Negotiate and explore the possibility of getting add-on services.

Understand the entire policy, including the tiniest details of it.

Once all set up, you’re in a better position to protect your business and customers from the threat of data breach.

Comments (0) Trackbacks (0)

No comments yet.

Leave a comment

No trackbacks yet.