Privacy Breaches: Over 28 Million Canadians Affected in the Last 12 Months!
January 23, 2020
The latest reports are in, and privacy breaches are on the rise across the country. Some of the most alarming stats?
- Over 28 million Canadians have been affected by a privacy breach incident in the past 12 months. Keep in mind—Canada’s population is only 37 million.
- Over half—58% to be exact—of reported incidents in 2019 were due to hacking.
- 88% of Canadian businesses reported experiencing at least one cyber attack last year.
What’s a privacy breach?
According to the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA), a privacy breach is the loss of, unauthorized access to, or improper disclosure, retention, or disposal of personal information, resulting from the breach of an organization’s security safeguards or failure to establish security safeguards. That includes anything from a lost USB stick or briefcase, to a snooping employee, to a major cyberattack.
Who’s at risk?
Given the value of private health and banking information, it’s true that some industries, such as healthcare and finance, are more likely to be breached than others. But the reality is: cybercriminals aren’t that picky when it comes to choosing a target—everyone is at risk.
“But I’m too small or new or unlikely to be targeted.”
Misconceptions about who’s really at risk keep companies from investing in adequate security safeguards. Small (and new) doesn’t mean safe. Small to medium businesses (SMBs) might have a smaller public profile, but that also means they’re less likely to invest in cybersecurity. Recent reports from the Ponemon Institute and Verizon show that despite their size, SMBs (defined as having less than 500 employees) account for about two-thirds of all data breaches.
The Bottom Line? In the digital age, all companies are data companies. It’s not about “if” you’ll be hit with a cyber attack—it’s about when. And what you’ll do when it happens.
The Repercussions of a Privacy Breach
The bad news? If you’re found negligent in a data breach, you could be liable for up to $100,000 in fines under the PIPEDA Digital Privacy Act.
The really bad news? On top of PIPEDA, there’s all the additional costs of a data breach ($265 per lost record!) like client notification costs, credit monitoring fees, legal defence, consulting, lost business income, and more! Plus, highly regulated industries—like finance and healthcare—have to pay extra fines for misconduct at both the government and the college level.
The really, really bad news? The loss of client trust and damage to your reputation could have serious ramifications for the long-term success of your business or could even be irreparable.
What can I do?
Minimizing your risks minimizes your costs. Strengthen your cyber risk mitigation practices so you can identify and contain data breaches. The faster you respond to a breach, the less litigation you are likely to face and the quicker you’ll regain your clients’ trust.
Still, no matter how careful you are, sometimes privacy breach is unavoidable. But it’s not unmanageable.
The solution? Privacy Insurance!
For a small fee, Data Security and Privacy Breach Insurance can get you access to:
- A breach coach who will guide you through the legal process of navigating a breach under attorney-client privilege;
- Funds to set up credit monitoring and notifications for affected parties;
- A team of consultants to help manage your organization’s reputation;
- AND more!
To be clear, cyber insurance isn’t a replacement for cybersecurity. You should still invest in preventative measures to reduce the risk of a breach. But in case that’s not enough, insurance will provide you with the resources and support you need to get your business back online and regain your clients’ trust.
With over 35 years in the business, our expertise is a safe bet. PROLINK will provide you with the coaching, coverage, and care you need to feel secure again.
Contact PROLINK to learn more today!
PROLINK’s blog posts are general in nature. They do not take into account your personal objectives or financial situation and are not a substitute for professional advice. The specific terms of your policy will always apply. We bear no responsibility for the accuracy, legality, or timeliness of any external content.