If you think data breach only happens to credit card companies, governments and large companies, you could be in for a big, and expensive, surprise!
Based on the 2013 Verizon Data Breach Investigations Investigation Report:
- 31% data breaches investigated in 2012 were from organizations with fewer than 100 employees
- In 66% of the cases (up from 56% in 2011), the breach wasn’t discovered for months, even years
Medical organizations have it even worse. The Annual Benchmark Study on Patient Privacy and Data Security presented by Ponemon Institute in December of 2012 found that 94% of all medical organizations have had at least one breach occur within the past two years.
Most organizations, hopefully, try to protect their data with computer security software and hardware along with policies and procedures, but if a breach does happen are you protected from any liability that might arise from this breach?
Let’s shed some light on what exactly is a date breach, how a breach can happen, who needs data breach coverage, how this coverage can help and some information on the coverage.
What is Data Breach?
Data breach is defines as loss, theft, accidental release or accidental publication of Personal Identifiable Information (PII) and Protected Health Information (PHI). These include, but are not limited to:
- Social Security number
- Bank account number
- Credit or debit card numbers
- Driver’s license number
- Patient history and medications
How Can a Breach Occur?
A breach can occur when a thief obtains information from your business by:
- Theft of release due to unauthorized access (such as by former employees or vendors)
- Stolen or lost paper and electronic files
- Stolen or lost laptop, smartphone, tablet or computer disks
- Stolen credit card information
- Employee error or oversight
Who Needs Data Breach Coverage?
Any business, small or large, that handles or stores any private business, customer, patient or employee data is at risk. Because of the quantity and type of sensitive information they handle and store, the following businesses are at an even higher level of risk for data breach:
- Health care practices
- Law offices
- Accounting offices
- Financial services
How Can Data Breach Insurance Help?
Data Breach Insurance can help by:
- Providing access to time-saving professional services to help quickly restore your business’ reputation,guide you in handling a breach and assistance with regulatory compliance
- Covering response expenses, including mailing notification letters, credit monitoring services and public relations
- Providing coverage for defense and liability expenses in the event you are sued because of a breach
What are the Details of the Insurance Coverage*?
Response Expenses* coverage help pay for the cost of:
- Legal and Forensic Services to asses whether a breach occurred and assistance with regulatory compliance if it’s determined that a breach occurred
- Notification to impacted customers and employees, and associated expenses, such as letter preparation and mailing cost
- Crisis Management/Public Relations to inform your customers a breach has occurred and to help restore your business’ reputation
- Good Faith Advertising Services to organize and create a media response
- Monitoring Services to pay for credit, fraud, public records or other monitoring alerts, if warranted
Defense and Liability Expenses* provide coverage for civil awards, settlement and judgement that you’re legally obligated to pay if a breach occurs.
*Each policy from different carrier is unique and can have different coverage, exclusions, limits, sub-limits and deductibles. Please refer to your policy or consult with your agent to determine your coverage, limits and exclusions.
Gaspar Insurance Services prides itself in its expertise to provide the right coverage and tools for our clients to minimize their risk of having a breach and to manage the liability that it might cause. Please contact us at 818-302-3060 and schedule an appointment with one of our producers to review your needs and to obtain a no obligation quote.
Remember, it is not a matter of IF you will have a data breach, but WHEN!