As any company can be a target of cyber-attacks, each one should have a plan of action to prevent and manage these incidents. However, this includes more than just IT staff being on the front lines of preventing these attacks. Consider hiring a chief privacy officer, if possible, to make the internal security of the company a full-time endeavor.
Amanda Gratchner, global privacy officer at Navex Global, states “There should be a designated individual responsible for evaluating and addressing privacy concerns. That individual should be involved in the development of any new products and services to evaluate whether any privacy considerations exist. This approach is generally referred to as ‘Privacy by Design,’ since it incorporates privacy into the product development lifecycle, rather than performing a privacy evaluation after the product is fully developed.”
Inside Counsel also states that part of the external preparation is to have legal counsel, specialized IT consultant, as well as forensic technology and public relations firms already in place- before a company experiences a breach.
Therefore, preparation is key. Businesses should continue to be proactive and be in constant communication with sources of security and communicate new protocols effectively. It is critical to provide a written documentation of these policies that answer common questions such as: What data is being collected? Is data highly secured? What is data transferred and stored? Is sensitive information handled appropriately? These questions are pertinent to developing a sound privacy program and should be included in the written guidelines.
In addition to bringing you the latest news from the insurance industry, PL Risk provides Resources for Agents and Brokers nationwide. We’ve recently implemented Hiscox Now, which allows agents their own access to Hiscox and instant quoting. To learn more about our operations, contact us today at (855) 403-5982.