TechJournal South Header

SMBs lax about reporting data breaches to those affected

March 6th, 2013

lockAlthough more than half the U.S. small businesses surveyed by the Ponemon Institute experienced at least one data breach, only a third notified individuals that their personal information had been exposed, it was reported today in a study conducted for The Hartford Steam Boiler Inspection and Insurance Company (HSB), part of Munich Re.

“Smaller companies are targeted by data thieves, but they often don’t know how to respond when sensitive information they keep on customers and employees is lost or stolen,” said Eric Cernak, vice president for Hartford Steam Boiler.

“Failing to act in a timely and effective way can harm the reputation of businesses and even risk legal penalties in many states.”

The Ponemon Institute survey of small businesses throughout the United States found that 55 percent of those responding have had a data breach, almost all involving electronic records, and 53 percent had multiple breaches.

Only a third notified those affected

Only 33 percent notified the people affected, even though 46 states require that individuals be contacted when their private information is exposed.

The primary causes of the data breaches were employee or contractor mistakes; lost or stolen laptops, smart phones and storage media; and procedural mistakes.

Sensitive information is more likely to be compromised when the data has been outsourced, 70 percent of the respondents believe, but 62 percent do not have contracts that require third parties to cover all the costs associated with a data breach.

Presonal ID most feared data loss

Seventy percent of small business owners said they would purchase insurance to help pay for the costs if data is breached.

At least 85 percent share customer and employee records with third parties such as those providing billing, payroll, employee benefits, web hosting and information technology services.

When asked which type of lost or stolen data was more likely to harm their business, 70 percent agreed the loss of personally identifying information was more damaging than confidential company data.

The Ponemon Institute surveyed small businesses with annual revenues of less than $10 million for Hartford Steam Boiler, which provides HSB Data Compromise insurance for small to mid-sized organizations.

 

Related Stories:

© 2013, TechJournal. All rights reserved.

Tags: , , , , , ,

Comments are closed.

    Most Popular Stories on TechJournal

    None Found