Data Breach Prevention
88% of data breaches are caused by employee error.
Your employees need an awareness training that engages their thinking which will change their behavior.
We know that you hired some fantastic people for your organization. They would never intentionally compromise sensitive information or use it with malicious intent.
However, if your employees are not proactively thinking about the potential of outside data thieves, then they could be unwittingly aiding a data breach. Every year, small employee errors are exploited and major data breaches occur.
Let us bring your policies and procedures to life. Create a permanent change in the approach your employees take to handling sensitive data by changing their thinking through one of our sessions.
Employees walk away with:
- Understanding the “why” behind policies and procedures.
- Real-world understanding of how data breaches have occurred and what could have been done to prevent them.
- A new perspective on the danger of leaving sensitive information out in the open.
- A strong desire to shred, shred, shred.
You will now have your own data protection team!
CBS 19 recently did a news story on how easy it would be for a thief to go through a typical office and steal data.
Our CEO, Mark Seguin, starred in the report:
Reported breaches in the healthcare field are occurring on a daily basis.
How many patient records are under your care? The average cost of a breach for a medical organization is $282 per record.
# records you manage:________ x $282 = $_________
As is the case in most breaches, these were primarily caused by employee error. For many organizations the mishandling of these breaches can be far more costly than the breach itself. In addition to our training we also provide a Breach Incident Response plan to our clients.
State-by-State Summary of Data Breach Notification & ID Theft Laws
Most States have their own data breach notification laws the follow is a compilation of these laws. (This is meant as a summary these laws are constantly changing and being updated please consult with counsel in comply with these laws.)
FACTA Red Flags Rule
The Federal Trade Commissions Identity Theft Red Flag Rule requires a program be implemented for any organization that fits the definition of a ‘creditor’ that will detect and deter an individual from using someone else’s information in return for goods or services. A policy establishing what the Red Flags would be and training staff members is required.
HITECH Act (Health Information Technology for Economic and Clinical Health)
HIPPA Breach Notification Requirements require reporting of some data breaches to the Department of Health and Human Services, the individuals effected, and in some cases the local media.
The cost of experiencing a data breach has skyrocketed! No where is it more expensive than in California with the most stringent notification laws in the country. The laws that deal with handling with the notification of individual and the state include:
SB 24 is the strictest breach notification law in the country and now can require notification of the California Attorney General.