Showing posts from tagged with: data privacy

Information Security: Are You Prepared to Handle a Data Breach?

Posted on November 08, 2013

Insurance is there to protect you and your business when the unexpected happens. Some types of insurance are required by law: auto, work comp, etc. but there are also insurance coverage options which are not, such as cyber liability. So if you are not required to have cyber liability insurance, why should you even consider it? What does it do? And how can it save your business from potential ruin?

Cyber liability insurance helps to cover costs associated with a data breach or a suspected breach whether it occurred electronically or otherwise (such as lost or stolen paper files, cell phones, zip drives, etc.) These policies can include several coverage options which can cover costs for forensic expenses, client notification and credit monitoring services (which may be required by state law if it is suspected that personal information has been compromised), legal defense if a suit is brought against you, and coverage if you are found to be legally liable.

These losses incurred from a data breach are not covered under your traditional business liability policy, which means without cyber liability coverage, you’re left covering the costs. And it’s not just the threat of a cyber-attack that could lead to a breach; human error or improper data handling procedures are also potential loss risks. You could have an unauthorized employee or third party access personal client of employee data, or accidentally release sensitive information to the wrong person; even improper disposal of confidential documents (whether you do it yourself, or hire a third-party company) for which you would be liable.

On average, the cost per record lost in a data breach claim is $204[1]. Below are some claim examples:[2]

  1. An employee of a private high school mistakenly distributed via e-mail the names, social security numbers, birth dates and medical information of students and faculty compromising the personal information of 1,250 individuals.
  2. Burglar stole two laptops from a retail 3rd party service provider which contained the data of over 800,000 clients.  Under notification laws, the retailer-not the service provider- was required to notify affected individuals.  Total expenses for notification to the customer was nearly $5,000,000. 
  3. A rehabilitation center improperly disposed of 4,000 client records in violation of the center’s privacy policy. The State imposed penalties and fines and the center extended $890,000 in customer redress funds for credit monitoring on behalf of the victims. 
  4. A non-profit community action corporation printed two 1099 forms on one piece of paper.  An employee was supposed to separate the forms but didn’t so one person received both copies exposing employee’s personal private information to others.

The truth of it is, most small to medium-sized businesses are unable to cover the costs associated with a data loss on their own. According to a 2010 Symantec study, nearly 60% of victimized businesses close permanently within six months of a breach. Don’t let your business be at risk of becoming a statistic. Talk to your AW Welt Ambrisco Insurance agent today about cyber liability insurance (319) 887-3700.

To find out more about potential data loss exposures, costs, and how to protect your business, AW Welt Ambrisco Insurance is hosting a FREE seminar on Thursday, November 14th from 11am-1pm. To register send an email to

read more