How is your organization currently protecting your customers’ data and privacy?
Given the recent data breaches of Target, Michaels, and Neiman Marcus, as well as the constant HIPAA patient data breaches in healthcare and insurance industries, four Senators have introduced a new Bill to Congress to address data breaches – the Data Security and Breach Notification Act.
Essentially, the Bill would mandate security standards for databases, establish strong breach notification requirements, strengthen law enforcement, and increase the use of technology to combat hackers. Breaches are becoming more frequent, and hackers aren’t going to disappear.
For the increased use of technology to combat hackers, organizations would be given incentives to adopt advanced technologies that would render electronic data unreadable or unusable in the case of a breach. If data integrity is related to the transmission of data, in an email for example, a resolution might be to encrypt data, or establish email policies for breach notifications.
“Companies constantly collect personal information about their customers, like credit card information, financial account numbers and passwords. In return, I believe those companies should be responsible for securing this personal information throughout their systems that store this sensitive data,” Senator John Rockefeller (D-W.Va.) said. “The recent string of massive data breaches proves companies need to do more to protect their customers.”
An organization should invest in encryption and data leak protection solutions to protect their reputation, as well as to better protect their customers, clients and patients. This is especially true if the government is willing to incentivize investments which prevent hacks and data breaches.
Whereas HIPAA guidelines are already in place for healthcare organizations, these new rules will, if passed, expand to a greater number of businesses and will be enforced by the Federal Trade Commission. Forward thinking organizations would do well to prepare and ensure complaince.