DATA BREACH INSURANCE FOR BUSINESS – WHY IT COULD JEOPARDIZE PRIVATE INFORMATION SECURITY

Financial institutions are perhaps one of the most concerned of all businesses when it comes to data breaches. My guess for why this may be true is the fact that the industry does not fully understand the value of your name and personal data. Add to that the possibility of compromising your financial records in a situation that could spell disastrous PR, and you can understand why they are worried. It happened to Bank of America and Citi Bank, and the repercussions were swift and furious in the media. If you aren’t fully familiar with the pitfalls of a potential threat like a major data breach—as their counterparts in the junk mail business should be—you do what comes natural. You buy insurance to offset the loss. ChoicePoint should have known to take more precautions, and look what happened to them. Bank Technology News reports the cost per record when data goes missing is $100, according to ChoicePoint, the guys that started this whole mess; $182, Ponemon Institute; and from $90 to $305, Forrester Research. Do the math if they lose 1 million records. To the rescue, the insurance industry, of course. However, a privacy attorney thinks the coverage isn’t adequate, and “…wouldn’t come close to covering the liability an institution might face in a major breach.” So, the point of this story is, if industries are out of the loop on what collecting and manipulating sensitive data is all about, they may just decide to blow the budget on insurance rather than beef up security. That’s when we all lose.