How to Report Data Security Incidents

This entry is part 27 of 30 in the series Data Security

What Is Data Breach?

Data breach is the exposure of sensitive customer information due to hacking, theft or the accidental release of data. Business owners are expected to exercise discretion and due diligence to protect their customers’ data from a breach.

Imagine you just received a call informing you that your business and customer records have been compromised. What do you do?

5 Steps for Reporting Data Security Incidents

  1. Reach out to your financial institution. The business owner should immediately contact the financial institution that processes their payments. The financial institution will then guide you through next steps on their part.
  2. Notify your insurance agent or carrier. The sooner they’re made aware of the situation, the better from a liability standpoint.

    Did you know that insurance claims are generally resolved quicker and with lower out-of-pocket costs when they are reported promptly? Learn more.

  3. Consult local authorities. Look to them for guidance on the laws in your state involving data security and data breach. It is especially important to determine if you are required to inform impacted customers. While you may discover it isn’t required by your state, the best practice is to be forthright and honest.
  4. Contact affected customers. Clear communication with customers is critical. Avoid lasting damage to your reputation. In the long run, customers will value honesty even if it is likely to be embarrassing in the short term. Incredible as the direct expenses from a data breach can be, it’s the reputational harm that can do irreparable damage to a business.
  5. Make sure services offered to customers fit the nature of the exposed data. If only debit or credit card information was exposed, credit monitoring is a waste of money—without a Social Security number, a new credit line cannot be opened via an exposed credit card alone. Just inform customers to keep an eye on their own accounts and advise they speak to their bank about the breach. Most likely the affected financial institution will issue a new card.

Failure to Maintain Proper Data Security

By not completing the tasks listed below, your business is exhibiting poor data security and customers are at an elevated risk of a data breach.

  • Failure to shred customer documents
  • Unsecure transportation of customer records (falling off a truck on a freeway)
  • Lost employee laptop computer containing sensitive customer data
  • Printed social security number on mailings

Being aware of common causes of data security breaches is the first step towards implementing safeguards that will help to lessen the threat to your business. Read, “7 Common Causes of Data Breach” to stay ahead of hackers.

About Breach Event Costs Insurance Coverage

Society’s cyber liability insurance provides coverage for reasonable and necessary mitigation costs and expenses incurred as a result of a privacy breach, security breach or adverse media report. This includes legal expenses, proactive and reactive public relations expenses, IT forensic expenses, breach notification costs (including voluntary notification costs), and the cost to set up call centers and provide credit monitoring and identity theft assistance.

Contact your local Society agent today to learn more about how Society can help protect your business.

Series Navigation<< How to Keep Your Restaurant Safe From Cyber ThreatsHow to React to a Payment Card System Data Breach >>
Print Friendly, PDF & Email

Leave a Reply

Your email address will not be published.