CYBER LIABILITY – California Attorney General Leans Heavily on Unencrypted Data
I have been preaching for some time now that anyone who handles or transmits Personal Health Information, PHI, or Personally Identifiable Information, PII, should seriously investigate learning how to encrypt their data. This is especially true for PII pr PHI stored on smart phones, tablets, laptops, thumb drives and other portable storage devices. Now, in the first of its kind report issued by a state, the California Attorney General, Kamala D. Harris, in “Data Breach Report 2012” issued a stern warning to organizations that ignore that advice.
The AG back s up her warning to companies with a few interesting statistics. First, it will save you a lot of time and money. She noted that 28% of the companies that mandatorily reported a breach would not even have to have reported if their data was encrypted. Second and even more to the point is that 1.4 million Californians out of 2.5 Million with breached information would not have had their financial identity put at risk.
As the keeper of PII or PHI we have the responsibility to protect it from breaches. If you have already encrypted your data – my congratulations to you. If you have not started the process – please make steps to do so at once. Data encryption is the “Get out of jail” card that you will need when your information is breached.
Stewart V. Nelson | Senior Risk Advisor
Kapnick Insurance Group | simplifying insurance
1201 Briarwood Circle | Ann Arbor, MI 48108 | www.kapnick.com
D 734.929.6057 | F 734.994.7326 | C 734.992.6003