Data breaches and cyber security are a significant concern with U.S. businesses expecting to see an all-time high of nearly 1,500 reported data breaches in 2017. Business owners need to be more vigilant than ever in order to avoid these near-certain attacks, and to protect their employees’ and customers’ personally identifiable information (PII).

Generali Global Assistance, in cooperation with the Identity Theft Resources Center (ITRC), in August 2017 released a white paper that addresses U.S. employers’ obligations to protect employee information and best practices for mitigating risk of a data breach.

The white paper, entitled “Data Protection: Employer Obligations and Motivations,” outlines what types of data need protection, including the aforementioned PII, as well as SPII, or Sensitive Personally Identifying Information, which includes employees’ social security numbers, banking information, and contact information; PHI, or Personal Health Information; Health Insurance Portability and Accountability Act (HIPAA) information; and Anonymized Data, or information that has been sanitized in an effort to make it seemingly impossible to extract potentially sensitive information from the dataset, and often includes seemingly de-identified PII and PHI information.

Failure to properly protect data can have numerous negative consequences for an organization beyond the financial fallout, including reputational damage and a loss of employee trust.  According to Generali Global Assistance and the ITRC, companies must begin building the foundation of a strong cyber security program now, as the frequency and severity of identity theft and other cybercrime continue to increase.

Offering an identity protection service as an employee benefit is one solution that can demonstrate a company’s commitment to its workforce while keeping their information secure.  Organizations should also distribute free identity theft protection and resolution resources that are available from the ITRC, among other organizations.

By assessing how data is compromised, as well as current information protection legislation and best practices for data protection, the white paper gives a more comprehensive picture of the state of data protection and what businesses must to do take a more proactive role in protecting that data.

The full report can be accessed by visiting this link.
The Identity Theft Resources Center (ITRC)’s website is here.