Privacy & Data Protection for: Nonprofit Organizations Presentation for:
-
Upload
aubrey-harrison -
Category
Documents
-
view
213 -
download
0
Transcript of Privacy & Data Protection for: Nonprofit Organizations Presentation for:
![Page 1: Privacy & Data Protection for: Nonprofit Organizations Presentation for:](https://reader036.fdocuments.us/reader036/viewer/2022062806/5697bf9b1a28abf838c92c1a/html5/thumbnails/1.jpg)
Privacy & Data Protection for: Nonprofit Organizations
Presentation for:
![Page 2: Privacy & Data Protection for: Nonprofit Organizations Presentation for:](https://reader036.fdocuments.us/reader036/viewer/2022062806/5697bf9b1a28abf838c92c1a/html5/thumbnails/2.jpg)
• 2
Team Intro
Robert SturtevantPrincipal
David WaltersRisk Advisor
HHS Practice Leader
Chris NiezerRisk Advisor
![Page 3: Privacy & Data Protection for: Nonprofit Organizations Presentation for:](https://reader036.fdocuments.us/reader036/viewer/2022062806/5697bf9b1a28abf838c92c1a/html5/thumbnails/3.jpg)
• 3
Gibson Overview
► Founded in 1933 as a Typical Small Town Insurance Agency
► Offices in South Bend, Plymouth, Indianapolis & Fort Wayne
► Top 1% of Largest Independent Agencies in the United States
► Top 5 privately held Independent Agencies in Indiana
► Awarded Best Practices Status Annually Since 1994
► 100% Employee Owned- Including ESOP Program
► Recognized as a Best Place to Work in Indiana Since 2013
► 2014 Principal 10 Best Companies for Employee Financial Security
► Inc. 5000 Fastest Growing Private Companies in 2015
![Page 4: Privacy & Data Protection for: Nonprofit Organizations Presentation for:](https://reader036.fdocuments.us/reader036/viewer/2022062806/5697bf9b1a28abf838c92c1a/html5/thumbnails/4.jpg)
• 4
“The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards.”
– Gene Spafford, Professor of Computer Sciences at Purdue University
![Page 5: Privacy & Data Protection for: Nonprofit Organizations Presentation for:](https://reader036.fdocuments.us/reader036/viewer/2022062806/5697bf9b1a28abf838c92c1a/html5/thumbnails/5.jpg)
• 5
“Two years from now, spam will be solved.”-Bill Gates, 2004
“The problem of viruses is temporary and will be solved in two years.”
- John McAfee, 1988
“Computer viruses are an urban legend.”
- Peter Norton, 1988
![Page 6: Privacy & Data Protection for: Nonprofit Organizations Presentation for:](https://reader036.fdocuments.us/reader036/viewer/2022062806/5697bf9b1a28abf838c92c1a/html5/thumbnails/6.jpg)
• 6
o Laptops, Bluetooth, Tablets
o Cell Phones, Smart Phones, PDAs
o Entertainment (satellite radio, wireless streaming, mp3s)
o Transportation (self parking cars, voice commands, GPS)
o Shopping (online, credit/debit cards)
o Medicine (equipment, medical records)
o Social Media & Cloud Computing
o Online Banking/Check Cashing
and the list goes on and on….
All Things Technology
![Page 7: Privacy & Data Protection for: Nonprofit Organizations Presentation for:](https://reader036.fdocuments.us/reader036/viewer/2022062806/5697bf9b1a28abf838c92c1a/html5/thumbnails/7.jpg)
• 7
o Personal identity theft
o Theft of personal/company banking information
o Utilization of one system to hack other systems
o Viruses erasing entire systems or altering existing files
o Hardware & software property damage
o Unwanted spyware, adware, tracking programs
A Data breach for all businesses…It’s not if, but when!
What’s the Risk?
![Page 8: Privacy & Data Protection for: Nonprofit Organizations Presentation for:](https://reader036.fdocuments.us/reader036/viewer/2022062806/5697bf9b1a28abf838c92c1a/html5/thumbnails/8.jpg)
• 8
• The culprit is often someone close to your business
• The perpetrator could live halfway around the globe
• Size doesn’t matter
• Any company can be hit
• A breach can result from a simple mistake
• Cyber risk is consistently in the top three risk exposures identified by risk managers nationwide
No one is immune
![Page 9: Privacy & Data Protection for: Nonprofit Organizations Presentation for:](https://reader036.fdocuments.us/reader036/viewer/2022062806/5697bf9b1a28abf838c92c1a/html5/thumbnails/9.jpg)
• 9
It’s not if, but when…
![Page 10: Privacy & Data Protection for: Nonprofit Organizations Presentation for:](https://reader036.fdocuments.us/reader036/viewer/2022062806/5697bf9b1a28abf838c92c1a/html5/thumbnails/10.jpg)
• 10
“A data breach is an incident that involves the unauthorized or illegal viewing, access or retrieval of
data by an individual, application or service. It is a type of security breach specifically designed to steal and/or
publish data to an unsecured or illegal location.”
• Source: www.techopedia.com
Defining a Breach
![Page 11: Privacy & Data Protection for: Nonprofit Organizations Presentation for:](https://reader036.fdocuments.us/reader036/viewer/2022062806/5697bf9b1a28abf838c92c1a/html5/thumbnails/11.jpg)
• 11
Average Number of Records Breached Per Incident:
28,765
Average Cost Per Breached Record:
$192 - $240
Varying Factors– Number of Records Breached
– Type of Breach (SS#, Credit Card Info, PHI)
– Class Action Lawsuit Filed?
• Source: Ponemon Institute / Symantec Study
Quantifying a Breach
![Page 12: Privacy & Data Protection for: Nonprofit Organizations Presentation for:](https://reader036.fdocuments.us/reader036/viewer/2022062806/5697bf9b1a28abf838c92c1a/html5/thumbnails/12.jpg)
• 12• Source: Net Dilligence Data Breach Cost Estimator
Sample Calculators
![Page 13: Privacy & Data Protection for: Nonprofit Organizations Presentation for:](https://reader036.fdocuments.us/reader036/viewer/2022062806/5697bf9b1a28abf838c92c1a/html5/thumbnails/13.jpg)
• 13
www.databreachcalculator.com
Sample Calculators
![Page 14: Privacy & Data Protection for: Nonprofit Organizations Presentation for:](https://reader036.fdocuments.us/reader036/viewer/2022062806/5697bf9b1a28abf838c92c1a/html5/thumbnails/14.jpg)
• 14
Forensic Experts
Legal Expenses
Public Relations Consulting
Notification Costs
Hotline Support
Credit Monitoring Subscriptions
Discounts for Future Products & Services
Reputation Damage / Loss of Customers
Fines & Penalties (HIPAA / PCI)
Class Action Lawsuits
Business Interruption / Income Loss
Data Breach “Costs”
![Page 15: Privacy & Data Protection for: Nonprofit Organizations Presentation for:](https://reader036.fdocuments.us/reader036/viewer/2022062806/5697bf9b1a28abf838c92c1a/html5/thumbnails/15.jpg)
• 15
Prevention Strategies► Encryption of portable devices
► Technology use manuals
► Third-party IT expertise
► HIPAA/PCI compliance audits & security scans
► Employee education/training (39% of breaches are caused by human errors)
Mitigation Strategies► Incident response plans
► Public relations consultation
Transfer Strategies► Review contract (indemnification) language with attorney
Finance Strategies► Insurance protection (1st & 3rd party coverage available)
Risk Management Strategies
![Page 16: Privacy & Data Protection for: Nonprofit Organizations Presentation for:](https://reader036.fdocuments.us/reader036/viewer/2022062806/5697bf9b1a28abf838c92c1a/html5/thumbnails/16.jpg)
• 16
First Party Coverages
Privacy Notification Expenses & Monitoring
Crisis Management and Reward Expenses
Business Interruption
Electronic Vandalism
Privacy Liability Defense
Regulatory Defense (including fines & penalties)
Third Party Liability
Disclosure Injury
Content Injury
Reputational Injury
Conduit Injury
Impaired-access Injury
Class actions suits
Insurance Protection
![Page 17: Privacy & Data Protection for: Nonprofit Organizations Presentation for:](https://reader036.fdocuments.us/reader036/viewer/2022062806/5697bf9b1a28abf838c92c1a/html5/thumbnails/17.jpg)
• 17
State data platforms do not create immunity at the local level
Indications are easy to obtain
No two policies are created equally
Be sure to thoroughly compare coverage options available in the marketplace
Cheaper is not always better
Assess tools and resources available by the insurance companies offering coverage
Quantify impact of a breach and assess limits accordingly
Some protection is better than no protection
Insurance Tips
![Page 18: Privacy & Data Protection for: Nonprofit Organizations Presentation for:](https://reader036.fdocuments.us/reader036/viewer/2022062806/5697bf9b1a28abf838c92c1a/html5/thumbnails/18.jpg)
Thank You!www.gibsonins.com