The Basics, Risks, Best Practices, and Response
The convenience of working with information in the digital age has revolutionized the workplace. Despite technological advances, state agencies and universities that collect or hold private, personal information are susceptible to improper access or disclosure of that information.
What are the Risks?
1. Theft, loss, or unauthorized disclosure of personal information (i.e. names, social security, financial account information, health-related information, etc.).
2. State agencies and universities are particularly vulnerable because they are the custodians of large amounts of private, non-public information.
3. Each year, an estimated 7% of U.S. households, about 6.4 million households, have at least one member age 12 or older experience identity theft.
4. There is a large and sophisticated black market presence with shockingly low prices for personal information.
5. The average cost of a breach is $214 per record, $7.2 million per incident.
While a "data breach" may seem like a remote possibility, in practice, no state agency or university is immune to the risk. The state(s) of Utah and South Carolina have experienced large information breaches that are expected to cost millions of dollars.
Understanding the risks, federal and state laws, and incident response can make all the difference between a proper response and one that results in multimillion dollar class action lawsuits, regulatory investigations/fines, and irreversible reputational damage.
In December of 2012, the Risk Management & Tort Defense Division contracted with Clyde & Company LLP, International Consulting Firm, to provide on-line training to address cyber/information security issues unique to the State of Montana.
To download slides from the presentation, please click here. To view the presentation, please click in the player window below (110 minutes).
Loading the player...