In the last two blog posts I have been discussing data breeches and the importance of fully educating yourself on the potential associated risks. Below are the remaining answers to the quiz, designed to give you a sense of your knowledge on this topic and help you ascertain if you are as educated as you need to be on this subject.
1. What are some of the ramifications to an individual whose personal information has been stolen, or just lost?
- Loss, theft, accidental release or accidental publication of Personally Identifiable Information (PII).
- The necessity of having to deal with replacing social security numbers, closing bank accounts re-opening new bank accounts, replacing driver’s license.
- The loss of personal medical or prescription information.
2. What are the costs to your business (school), both direct and indirect, when a data breach occurs?
- Loss of students’ trust
- Damage to school’s reputation
- Compliance with the requirements of federal regulation, and potentially state laws, regarding a breach
- Cost of notification
- Cost of obtaining identity theft protection for your students whose information has been lost or stolen
- Lawsuits over privacy injury
3. Are you able to estimate your school’s costs that would result from a data breach?
Individual responses will vary according to institution.
4. Are you able to list 3 laws that address the safe handling of personally identifiable information your school acquires from your students?
- HIPAA – Health Insurance Portability Accountability Act
- HITECH – Health Information Technology for Economic and Clinical Health Act.
- All State Brief Notification Laws for any state within which you have students permanently residing.
5. There is so much information available on the subject of a Data Breach. Can you name one resource that can give you most of what you need in one location?
Your insurance carrier partner should be a “one-stop” resource for all of the information you need. You may also visit : https://www.dhs.gov/topic/cybersecurity.
6. What are the three biggest security threats to the personally identifiable information manage by your school?
Again, answers will vary according to institutions and their IT Teams.
7. What can you do to avoid a Data Breach and what can you do to prepare for one should it occur?
First and foremost, you need to have a broad, comprehensive Cyber Breach Plan. Second, have an outside third party review this plan to make certain it has all of the needed policies and procedures. This too can be provided at no cost from either your Cyber Liability insurance carrier or Hylant.
Specific questions? Email Rachel Dobbs.
The information provided herein presents general information and should not be relied on as insurance advice when analyzing and resolving a specific issue. If you have specific questions regarding a particular fact situation, please consult with competent insurance brokers and/or legal counsel about the facts and laws that apply.