Published by Aubrey Harrison. Modified over 9 years ago.

Privacy & Data Protection for: Nonprofit Organizations
Presentation for:

Team Intro
Robert Sturtevant, Principal
David Walters, Risk Advisor, HHS Practice Leader
Chris Niezer, Risk Advisor

Gibson Overview
► Founded in 1933 as a Typical Small Town Insurance Agency
► Offices in South Bend, Plymouth, Indianapolis & Fort Wayne
► Top 1% of Largest Independent Agencies in the United States
► Top 5 privately held Independent Agencies in Indiana
► Awarded Best Practices Status Annually Since 1994
► 100% Employee Owned - Including ESOP Program
► Recognized as a Best Place to Work in Indiana Since 2013
► 2014 Principal 10 Best Companies for Employee Financial Security
► Inc. 5000 Fastest Growing Private Companies in 2015

“The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards.” – Gene Spafford, Professor of Computer Sciences at Purdue University

“Two years from now, spam will be solved.” - Bill Gates, 2004
“The problem of viruses is temporary and will be solved in two years.” - John McAfee, 1988
“Computer viruses are an urban legend.” - Peter Norton, 1988

All Things Technology
o Laptops, Bluetooth, Tablets
o Cell Phones, Smart Phones, PDAs
o Entertainment (satellite radio, wireless streaming, mp3s)
o Transportation (self parking cars, voice commands, GPS)
o Shopping (online, credit/debit cards)
o Medicine (equipment, medical records)
o Social Media & Cloud Computing
o Online Banking/Check Cashing
and the list goes on and on…

What’s the Risk?
o Personal identity theft
o Theft of personal/company banking information
o Utilization of one system to hack other systems
o Viruses erasing entire systems or altering existing files
o Hardware & software property damage
o Unwanted spyware, adware, tracking programs
A data breach for all businesses… It’s not if, but when!

No one is immune
o The culprit is often someone close to your business
o The perpetrator could live halfway around the globe
o Size doesn’t matter
o Any company can be hit
o A breach can result from a simple mistake
o Cyber risk is consistently in the top three risk exposures identified by risk managers nationwide

It’s not if, but when…

Defining a Breach
“A data breach is an incident that involves the unauthorized or illegal viewing, access or retrieval of data by an individual, application or service. It is a type of security breach specifically designed to steal and/or publish data to an unsecured or illegal location.”
Source: www.techopedia.com

Quantifying a Breach
Average Number of Records Breached Per Incident: 28,765
Average Cost Per Breached Record: $192 - $240
Varying Factors
– Number of Records Breached
– Type of Breach (SS#, Credit Card Info, PHI)
– Class Action Lawsuit Filed?
Source: Ponemon Institute / Symantec Study

Sample Calculators
Source: NetDiligence Data Breach Cost Estimator

Sample Calculators
www.databreachcalculator.com

Data Breach “Costs”
o Forensic Experts
o Legal Expenses
o Public Relations Consulting
o Notification Costs
o Hotline Support
o Credit Monitoring Subscriptions
o Discounts for Future Products & Services
o Reputation Damage / Loss of Customers
o Fines & Penalties (HIPAA / PCI)
o Class Action Lawsuits
o Business Interruption / Income Loss

Risk Management Strategies
Prevention Strategies
► Encryption of portable devices
► Technology use manuals
► Third-party IT expertise
► HIPAA/PCI compliance audits & security scans
► Employee education/training (39% of breaches are caused by human errors)
Mitigation Strategies
► Incident response plans
► Public relations consultation
Transfer Strategies
► Review contract (indemnification) language with attorney
Finance Strategies
► Insurance protection (1st & 3rd party coverage available)

Insurance Protection
First Party Coverages
o Privacy Notification Expenses & Monitoring
o Crisis Management and Reward Expenses
o Business Interruption
o Electronic Vandalism
o Privacy Liability Defense
o Regulatory Defense (including fines & penalties)
Third Party Liability
o Disclosure Injury
o Content Injury
o Reputational Injury
o Conduit Injury
o Impaired-access Injury
o Class action suits

Insurance Tips
o State data platforms do not create immunity at the local level
o Indications are easy to obtain
o No two policies are created equally
o Be sure to thoroughly compare coverage options available in the marketplace
o Cheaper is not always better
o Assess tools and resources available by the insurance companies offering coverage
o Quantify impact of a breach and assess limits accordingly
o Some protection is better than no protection
Thank You! www.gibsonins.com