Data Breaches at Companies Becoming Commonplace
Personal and confidential data is being exposed continually according to a recent 2007 survey. This compromises organizations’ ability to use confidential information without significant exposure to legal liability. More than three-quarters of data and security professionals for North American companies report their customers’ and employees’ personal information has been exposed or lost due to data breaches. “The results of this survey are clear,” said Charles B. Brown a lawyer in Chicago, “senior executives must immediately begin to spend more time creating or improving their data protection practices or risk significant liability.” This startling information was gathered by Deloitte & Touche and the Ponemon Institute LLC in “Enterprise@Risk: 2007 Privacy & Data Protection Survey.” With the ever-changing business environment, companies must protect and appropriately share enormous amounts of data. As recent losses of confidential data have been reported by the media in recent months, companies must become more proactive in protecting personally identifiable information of its employees instead being reactive to data breaches. Prevention now is important as an implementation measure rather than fix it later as a result of a loss. In a truly technological age, companies are collecting more and more data electronically. According to the survey, “Privacy and security professionals agreed that ideally over 60% of their time should be focused on the following privacy related activities: strategy development, execution of program goals, incident response, and enterprise training.” More than 50% of the survey respondents reported multiple breaches occurring within their organization which required notifying employees or customers. Without proper security measures in place, most companies operate in an environment of “not if, but when” will a data breach occur.
Source: Deloitte accounting firm; Enterprise@Risk: 2007 Privacy & Data Protection Survey
