Data breaches highlight the importance of privacy.
| Author | Pierson, Christopher T. |
| Position | Technology |
In January 2007, TJX Cos. reported that it had "suffered an unauthorized intrusion." In plain English, the Framingham, Mass.-based discount retail chain firm experienced a data breach into parts of its computers that process and store details of customer purchases.
It was later determined that the breach involved 96 million records. Though it is difficult to calculate the exact costs of a data breach, in an August 2008 filing with the U.S. Securities and Exchange Commission, TJX stated that it expected to incur more than $202 million in costs related to the breach.
Data Breaches
According to the Ponemon Institute, in 2007 the cost of a data breach for financial services organizations was $239 per compromised record, or more than 21 percent higher than the average ($197 for other institutions), demonstrating that organizations with high expectations of trust and privacy have more to lose from a data breach.
These costs include the investigation, forensics, legal, public relations, security consultants, free/discounted services, credit monitoring, lost business and contact costs.
A data breach is the most prevalent privacy risk resulting from "loss of control of information." In its simplest form, a breach is the "loss of control of data" in either electronic or paper form by a company, its vendors or a malicious third party.
Data breaches have reached an all-time high in the United States. More than 245 million records have been compromised since 2005, according
to the Privacy Rights Clearinghouse. The magnitude and costs of data breaches underscore the importance of instituting company-wide privacy policies and procedures.
Privacy
Privacy means something different to different individuals and organizations. It depends in large part on who or what you are (a person, company, governmental entity or foreign corporation), what products/services your company offers and what type of information is involved.
In its simplest form, privacy is the safeguarding of information against the unauthorized, illegal or inappropriate collection, protection, use, sharing/transfer or disposal of protected information. This applies to all data in any form throughout the lifecycle of its existence.
Privacy is not something that is limited to external-facing matters. Privacy affects all companies internally--as employees, through human resources records, as users on the computer network, as managers and collectors and disseminators of information.
For financial...
To continue reading
Request your trialCOPYRIGHT GALE, Cengage Learning. All rights reserved.
