Author: John Burcham / Source: Business 2 Community
Data breaches have become all-too-common amongst retailers, businesses, educational institutions and health care facilities. Last year, 1,093 data breaches led to over 36 million compromised records in the United States, leaving millions of Americans’ personal information exposed.
The best way you can protect your information from compromise is by taking proactive measures to safeguard it, especially after a data breach. Follow us as we break down what can happen to your information after a data breach, what the law says about notifying you of breached data and how to secure information that has already been compromised.
Why are data breaches so catastrophic?
The severity of a data breach relies heavily on three elements: type of information exposed, number of records compromised and number of individuals left vulnerable. Potentially compromised information can include personally identifiable information (PII) like your name, address and Social Security number, medical records, login credentials and financial account numbers. Whether your information finds itself on the online black market, is used to make unauthorized purchases or to create new financial accounts, data breaches allow criminals access to large pools of highly sensitive data to use however they’d like.
If a data breach compromises low-risk information like phone numbers or email addresses, your identity is probably still safe. However, criminals can use that information to target you in phishing emails and scam calls, hoping to obtain more sensitive information.
If more sensitive information like your Social Security number, passwords or birth date are exposed in a breach, you may face more serious threats like fraud and identity theft. Unfortunately, there’s no way to know for sure what will come of your compromised information immediately after a breach.
What does the law say about data breach notifications?
As of March 2017, nearly every state and U.S. territory has data breach notification laws put into place. Data breach notification laws regulate how companies notify their customers of data breaches involving the exposure of personal information. Because these laws are governed on a state level, they can sometimes be confusing — and even contradictory.
Breach Notification Statutes Vary State-to-State
Breach notification laws assess what is deemed “personal information,” how notifications are sent to customers and time frames for…