Thursday, June 27, 2013
Data breach notification proposals highlight need for secure file sharing
Every week, it seems there is at least one story in the news concerning an organization suffering a data breach. While obviously this is largely due to the sheer number of data breaches which are occurring around the world, it is also at least partly attributable to the public's growing awareness of data breaches and why they are significant. People are quickly coming to realize that having one's information exposed by a breach can lead to damaging consequences, including the possibility of becoming the victim of identity theft or fraud.
The public's increasing focus on data breaches, and organizations' corresponding need for better secure file sharing solutions, is particularly apparent in two calls for improved data breach notification laws.
Computerworld reported that a standing committee in the Australian Senate has urged that body to pass the Privacy Amendments (Privacy Alerts) Bill 2013. The committee argued that this bill, which would require organizations to issue data breach notifications, would be beneficial for both Australian consumers and industry stakeholders.
Currently, data breaches in Australia are significantly underreported, according to the Office of the Information Commissioner (OAIC), as notifications for these events are voluntary, not mandatory. The news source noted that the OAIC only received 56 notifications between July 2010 and June 2011, and even fewer durin?g the same period of 2011 to 2012.
By making data breach reporting mandatory, the Australian government will effectively make the cost of these occurrences much greater for affected firms. Because they will be forced to reveal these incidents, businesses will likely face much more negative attention when they fail to adequately protect corporate and client data.
On a related note, the U.S. Department of Health & Human Services (HHS) has proposed a new rule that would require federally facilitated exchanges created as a result of the Affordable Care Act, and all organizations working with these exchanges, to report security incidents within one hour of discovery. This imposes a major burden on healthcare providers, both in terms of logistics and reputation, as organizations will not have time to craft thorough responses to these incidents.
As these and other notification laws are proposed and take effect, breaches themselves are becoming more costly. That is why organizations in every industry should invest in high-quality secure file sharing solutions that can guarantee the integrity of files as they are being sent and received by authorized personnel, thereby drastically reducing the likelihood of a breach occurring in the first place.