What is Data Breach Insurance?
This article explores data breach and how data breach insurance helps to protect your business in the event a data breach occurs.
- What is a Data Breach?
- What is Personal Identifiable Information (PII)?
- What is Payment Card Information (PCI)?
- What is Personal Health Information (PHI)?
- Who is At Risk for a Data Breach?
- What are Data Breach Notification Laws?
- What is Data Breach Insurance?
What is a Data Breach?
You can’t go a week without seeing a data breach in today’s headlines. However, data breach can occur with any size of business. Small businesses are targeted because they don’t have the resources to secure their data and records as well as a large company. But what exactly is a data breach? A data breach occurs when sensitive, confidential, or otherwise protected data has been accessed by an unauthorized party. The types of data that can be breached may fall into one or more of the following categories:
- Personal Identifiable Information (PII)
- Payment Card Information (PCI)
- Personal Health Information (PHI)
The public perception is that data breach occurs when a hacker breaks into a secure computer system and steals records. However, most data breaches are caused by simple human error. Consider the following scenarios:
- An employee’s laptop with customer records is stolen
- An employee sends customer records to the wrong email address
- A credit card company notifies you that your point-of-sale credit card machine was compromised and credit card records were stolen
What is Personally Identifiable Information?
Personally identifiable information, or PII, includes private information of individuals such as:
- Date of Birth
- Social Security Number
- Home Address
- Telephone Numbers
- Bank Account Numbers
- Private photos or videos
What is Payment Card Information?
Payment card information or PCI includes credit and debit card information and is an exposure for any organization that accepts credit card payments regardless of the payment processing service used. Even if you use an outside vendor for credit and debit card processing, you may be responsible if the data breach affects your customers.
What is Personal Health Information?
Personal health information or PHI includes medical or health care data. PHI is a particular importance to health care organizations and the business associates that they work with and is typically central to HIPAA and other regulations.
Who is At Risk of Data Breach?
Who is at risk of data breach? Practically all businesses regardless of size or industry. Any business with employees, a website, a social media account, or that accept payment other than cash could be exposed to a data breach. Often breaches occur as a result of insider actions or inadvertent errors rather than companies being targeted by a hacker.
Expenses associated with a data breach can add up quickly. Small breaches of under a hundred records can lead to tens of thousands of dollars and loss when accounting for legal fees forensics and costs to comply with breach notification laws. The average cost per compromised records is hundreds of dollars.
What Are Data Breach Notification Laws?
All 50 states have legislation requiring the notification of each individual if any Personally Identifiable Information, Payment Card Information, or Personal Health Information was part of a security breach. It doesn’t matter if the information was used for identity theft purposes.
What is Data Breach Insurance?
Data breach insurance covers your business for financial losses related to a data breach, hacking event, or theft of documents. Policies cover expenses such as:
- Breach notification (as required by law) of individuals affected by the breach
- Costs of mandatory credit and identity theft monitoring
- Hotlines to assist individuals who were affected by the breach
- Crisis management and public relations services to restore your good reputation with customers
- Costs to recover lost data
Can We Help You?
Our team at Navion includes specialists in data breach and cyber liability coverage. Please contact us if we can assist you.