Data Breach: What You Need to Know
Small Business Statistics
64% of data breached investigated in 2010 were from organizations with fewer than 100 employees
95% of credit card breaches are against small business
52% of small businesses reported they have no data security policy
What is a Data Breach?
A data breach, data leak or data spill is the intentional or accidental release, loss, or theft of Personally Identifiable Information (PII) or Protected Health Information (PHI) to an untrusted environment:
- Social security number
- Bank account number
- Credit or debit card numbers
- Drivers license number
- Email address
- Patient history and medications.
- Business trade secrets or intellectual property
How does a Data Breach happen?
- Theft or release due to unauthorized access (i.e. by former employees or vendors)
- Stolen or lost paper and/or electronic files
- Non encrypted e-mail containing confidential info.
- Stolen or lost laptop, smartphone, tablet, or computer disks.
- Stolen credit car information
- Improper disposal of old hard drives
- Employee error or oversight
Who needs Data Breach coverage?
Any business small or large that handles or stores any private business, customer, patient or employee information is at risk. The following business have the highest risk due to the quantity, and type of sensitive information they handle and store:
- Healthcare practices
- Law offices.
- Accounting offices (CPA’s)
- Financial and Insurance Services
How can data breach insurance coverage help?
- Offer time-saving professional services to help quickly restore your business’ reputation, guide you to handling a breach, and assistance with regulatory compliance.
- Cover response expenses, including mailing notification letters, credit monitoring services and public relations.
- Provide coverage for defense and liability expenses in the event your business is sued due to the breach
Data Breach Insurance Coverage
(Based on The Hartford BOP- Optional Data Breach Insurance & Services policy endorsement)
- Legal & Forensic Services to assess whether a breach occurred and assistance with regulatory compliance.
- Notification to impacted customers and/or employees and the associated expenses of letter preparation and postage.
- Crisis Management/ Public relations to restore your business’ reputation
- Good Faith Advertising Services to organize and create a media response
- Monitoring Services to pay for credit, fraud, or other monitoring alerts if warranted (with multiple $ limits and deductibles available)
Defense and Liability Expenses
- Coverage for civil awards, settlements, and judgments that you are legally obligated to pay (multiple liability limits available )
Access to a Data Breach Web Site Providing:
- Tips and resources to prevent and minimize the chances of a breach
- State legal requirements
- Guidance on how to create a an incident response plan
Team of Breach Experts:
- Assist you if you believe a breach may have occurred, and determine the severity of breach.
- Consult on the “next steps” to address the situation.