You may have seen a lot of encryption news lately, and you aren’t alone. According to Hoffman & Hoffman Worldwide the level of interest in encryption and the number of encryption-related news articles are at an all-time high. What’s causing all the attention? A few things:
As more breaches occur and news outlets increase their coverage of the issue, companies begin to realize, “this could happen to me.” When a breach occurs, the loss of customers’ trust is not only damaging to the company’s reputation, but also to their bottom line. According to the Ponemon Institute’s 2014 report, the average cost of a security breach is $3.5 million. Data breach costs include direct expenses like engaging forensic experts and discounts for future products and services, as well as indirect costs like internal investigations, communications, and the extrapolated value of customer loss from turnover or reduced customer acquisition rates. The cost of a breach, both in dollars and time, far exceeds the cost of prevention.
The Office of Civil Rights (OCR) is responsible for enforcing HIPAA regulations and they have publicly announced a renewed focus on audits, saying that the past year will “pale in comparison” to the enforcement ahead. From June 2013 to June 2014, there were nine resolution agreements that resulted in over $10 million in monetary settlements, including a record $4.8 million monetary settlement announced in May 2014.
As of June 2014, there were 47 states with their own data security/breach notification laws. As time goes by, the laws continue to get stricter. In July 2014, Florida began enforcing the Florida Information Protection Act of 2014. This legislation broadened the definition of “protected personal information” to include usernames or email addresses, in combination with a password. The new law also raises the maximum penalty to $500,000. Florida is ahead of the curve when it comes to information protection, but other states have shown no sign of easing up on restrictions.
The list of reasons to be concerned about security breaches is long and daunting, however the solutions are simple. We recommend joining the Zix Encryption Network. It’s a growing community of more than 10,000 customers that enables the automatic exchange of encrypted email for all messages between members. The best part is email sent to other members are delivered transparently; no portals or passwords, just email. For more information, contact us.