General Insurance Article - Insurance sector one of the best at reporting data breaches


The insurance sector has proven itself one of the best at reporting data breaches, with a survey showing just 5 per cent know somebody who has discovered a breach but not reported it – the lowest result amongst all sectors surveyed.

 Data breaches have hit the news already in 2017 with high profile cases such as mobile phone company Three – where an employee’s password was stolen in March and the data of 200,000 customers compromised.

 Then in April, cybercriminals seized 250,000 customer records at Wonga - including bank account details.

 However, it seems these stories may be only the tip of the iceberg.

 The Crown Records Management Survey, undertaken by Censuswide, polled 408 IT decision makers in companies of between 100 and 1,000 employees across the country.

 It provided some shocking results which suggest many of the UK’s data breaches are going unreported.

 Some of the statistics for the insurance sector are below, with mostly encouraging results:
 • Just 5 per cent don’t know who to report a breach to – the lowest amongst any of the surveyed sectors.
 • Everyone surveyed in the insurance sector was aware of what constituted a data breach.
 • Not a single person surveyed had completely avoided reporting a breach to senior management or the appropriate authorities.
 • However a quarter had delayed reporting a data breach after discovering one.

 “Whilst the insurance sector is doing better than most when it comes to data breaches, it is worrying that a quarter of people had delayed reporting a data breach.” said Dominic Johnstone, Head of Information Management at Crown Records Management.

 “Perhaps this comes from a fear of the loss of reputation which can be experienced when breaches are publicised. Or perhaps it is simply down to lack of a clear procedures and information management in the business. Either way, the implications are serious, and the fact still remains that data breaches must legally be reported within 72 hours.”

 New legislation, such as the UK Data Bill and the forthcoming EU General Data Protection Regulation, due to come into force in May 2018, include measures to tackle data breaches.

 The latter will bring in huge fines for businesses which suffer breaches as a result of poor compliance. It also sets a strict timeframe for the reporting of breaches – with fines for those who do not meet them.

 “It is absolutely vital that businesses tackle this culture of secrecy because in future unprotected data loss will simply not be acceptable,” Johnstone said. “In fact, it shouldn’t be acceptable now.

 “Having a clear data protection and information management programme in place is vital for businesses to avoid these kind of problems. It should be very clear who is responsible for reporting breaches and who they should be reported to.

 “Until businesses grasp how much a breach can cost them – both financially and in terms of reputation – this problem is not going to go away.”
  

Back to Index


Similar News to this Story

Sleighing the risks by giving Santa the insurance he needs
While you might be the most magical employer in the world, we know that even you aren’t immune to the risks of running a global delivery service! From
Diversity improving in insurance and long term savings
Key figures from the Association of British Insurers’ latest Diversity, Equity and Inclusion (DEI) data collection highlight the work of insurers and
Almost a third of homeowners have been victims of burglaries
Research commissioned by Co-op Insurance reveals that almost one in three (29%) homeowners have been the victims of theft from their home. The member-

Site Search

Exact   Any  

Latest Actuarial Jobs

Actuarial Login

Email
Password
 Jobseeker    Client
Reminder Logon

APA Sponsors

Actuarial Jobs & News Feeds

Jobs RSS News RSS

WikiActuary

Be the first to contribute to our definitive actuarial reference forum. Built by actuaries for actuaries.