July 1, 2016 | By Marcee Wardell |
A data breach occurs when Personally Identifiable Information (PII), such as social security numbers, financial data, credit card information, or other identifiable information is lost, stolen, or viewed in an unauthorized setting, or accidentally released. If a business collects or stores PII, there is risk of data breach. Information can be hacked criminally, lost by mistake or negligence, or leaked through faulty systems.
Potential effects of a data breach include the loss of trade secrets and proprietary information, legal and forensic costs, regulatory fees, and notification expenses. Further, loss of consumer confidence could mean permanent damage to reputation and loss of business.
Insurance for data breach is available through many insurance carriers. Coverage includes first-party response costs such as legal and forensic services, crises management, public relations, notification expenses, good-faith advertising costs, and services for affected customers. Third party coverage is also available to cover defense and liability costs. Consulting services on preventing data breach may also be covered.
Preventative measures can be taken to protect PII and sensitive data and minimize the risk of data breach. Such measures include:
- Identifying PII collected or stored by the organization and creating clear, universal policies for its protection
- Encrypting programs, devices, and files containing sensitive data
- Protecting wireless networks and avoiding unsecured devices or networks
- Limiting third-party agreements and contracts and limiting information shared with third parties
- Developing a response plan should data breach occur
- Managing risk with data breach insurance
For more information on this and other insurance topics and coverage, please call our office.