Preparing Your Business’ Response to a Data BreachMay 6, 2010 – In The News
As a part of daily business, you likely collect protected personal information (PPI) from employees, customers, vendors and third parties through your web site or by paper correspondence. If you collect PPI, you owe a duty to the owners of this information to safeguard and not unreasonably disclose it. Unfortunately, many businesses have undertaken a minimalist approach to protecting PPI and complying with (or even learning about) the relevant laws, requirements and consequences for failure to comply.
The Identity Theft Resource Center noted that 656 data breaches were reported in 2008, exposing more than 35 million records, an increase of 47 percent from 2007. Those numbers rose to more than 222 million records exposed in 2009. The average cost for responding to a breach was $204 per affected customer in 2009, which seems small until you consider that breaches often involve from hundred of thousands to millions of records.