Recently, data breach has dominated the headlines and has impacted big business and large organizations. However, should it be a concern for smaller local businesses? Thirty-one percent of investigated data breaches impact businesses with less than 100 employees (Verizon 2013 Data Breach Investigations Report). With a data breach situation, your General Liability Insurance, alone, will not be the remedy.
Q: What is a data breach?
A: A data breach is any intentional or unintentional release of Personal Identifiable Information (PII) of Customers or Employees and any other records.
Q: What are some examples of PII?
A: PII may include names, addresses, birthdates, social security numbers, driver’s license numbers, email addresses, passwords and more. An incident of data breach is caused by (1) a malicious or criminal act of hacking or (2) system glitches or (3) acts of employees. Hacking and system glitches may be random, but if an employee loses a laptop, smart phone or thumb drive, what happens next? Research is required to determine which records were compromised, notifications need to go out to the record owners, identity protection services need to be provided and defense costs plus damages need to be considered.
Q: What is the cost of a data breach incident?
A: Soft Cost – A business’s time/loss of productivity and reputation in the community are on the line. Hard costs – In the U.S., the average cost of a data breach incident is $201 per compromised record (2014 study by the Ponemon Institute, Michigan). Some carriers have convenient calculators to help quantify the potential damage. I95