Lost Data and Cyber Insurance

Reports of people's personal details being compromised by government agencies, retailers, educational and financial institutions, and internet businesses have become all too common in recent times. 

These incidents, often involving lost or stolen laptop computers, computer disks and Universal Serial Bus (USB) memory sticks, have heightened awareness of the risks associated with holding customers' data.

Your company may collect personal data and as such be increasingly reliant on digital assets. This should place prevention of security and privacy breaches high on your agenda. 

Unfortunately, costs for lost data may go beyond what is covered under your professional indemnity insurance. Other costs may include data recovery and mailing fees for notifications of data breaches. Further, a breach of security can also seriously damage your company's image, meaning that services to reduce reputational damage such as hiring a PR Firm or providing free or discounted services for those affected might be necessary. While insurance is available to mitigate some of these threats, the key to reducing these risks to your business is sound risk management.

To protect your business's reputation you should continually review your procedures for handling both your and your clients’ sensitive data.  Some steps you can take include:

  • Developing operational guidelines to support security policies and standards
  • Regular staff training to ensure employees are familiar with security procedures and their responsibilities to help protect your company's data and reputation
  • Ensuring all laptops are secured with proprietary encryption technology to prevent the loss of information in the event of accidental loss of the equipment
  • Using secure USB memory sticks only
  • When emailing sensitive client data externally, ensure the emails are secured using a proprietary encryption service
  • Having a formal process for updating software, firewalls and anti-virus programmes regularly and promptly
  • Having in place a tried and tested crisis management plan which can be implemented as soon as a potential security breach is detected

Whilst effective risk management remains key, having cyber insurance can be a significant benefit for companies involved in a security breach. As well as covering many of the major costs, insurers have the resource to advise a company on what they need to do and have expert contacts to handle the situation appropriately.

For further information, please contact your local Cherrypicked Insurance Broker.

Last reviewed 01/10

 

To talk to an expert in your area and get a quote, contact your local insurance broker.