The intentional or unintentional release of secured and confidential information that involves the transfer, copying, viewing or stealing the information is called Data Breach. There are many different types of data breaches as well as a variety of motives behind these. A data breach can be a result of a personal grudge that will lead to Identity theft, Credit card and Health information breaches or it can be organizational competition in which the company’s secret documents, finances, ideas and intellectual property is stolen.
Data breaches have a very high cost in a business. According to global newswire an average of $5.9 billion are paid by business around the globe as a result of data breach. There have been a large number of companies and websites that were shut down as a result of data breach, the hackers threaten to reveal secrets, identities, information etc and as a result of this blackmailing, the owners have no choice but to immediately shut their business. The big companies like Sony, Citigroup, Adobe System and Target Corporation etc were also victim to Data breaches that cost them huge sums of money.
Remember a company’s size doesn’t have an impact on the cost data breach, a new model is designed by the Verizon’s security analysts according to whom the data breach loss is not a linear model so it should be treated as a simple average, instead, the cost of data breach should be modeled by the number of records and the cost of each record is effected by the data type and the number of other records compromised as a result of this record. This is a very accurate indicator and helps estimate the true cost of a data breach for a business.
Data Breach And HIPAA
Health Insurance Portability and Accountability Act called HIPAA, it protects individually identifiable health information of a patient. HIPAA protects the electronically protected health information, HIPAA Breach notification rule that notifies the breach in unsecured protected health information and the Patient Safety Rule, this protects the patient’s information and is used to evaluate patient safety events and advance his safety. All the information is kept classified by covert entities that can be health service providers or business associates, if you feel like your HIPAA has been violated by your business associate or Health service provider then you can lodge a complaint against them in the Office of Civil Rights (OCR).
HIPAA violation can be due to; Employee error that is an employee sending files to the wrong destination, Physical Theft is 49% of the HIPAA violation, this is very common in this violation hard drive or ROM is stolen from the computer then there is Delay in notification of Data breach, 62% of HIPAA violations are due to business associates.
The cost and characteristics of Data Breach and HIPAA Violations are clear so the next step is to figure out ways to avoid these situations. There are many companies that are working to protect your data, have backup for you data and make sure that it is out of the hands of all evils. These companies make you understand what data breach is, how can it affect you, what cost will your business pay and so on. One of the companies offering such services is My Document Shredding, this is a destruction service it protects you by destroys all your old, unimportant but secretive data. It works for residents and small businesses.
If taken the correct steps a security breach can be avoided and if it does happen then one should be aware about the cost of a data breach and how to recover from it.