If you have a database of customer details, or if you have customer details on someone else’s computer (like the cloud or with your accountant) then you have a “cyber privacy” risk.
What is cyber privacy?
Under laws brought into effect in 2014 a company may be penalised if they fail to responsibly manage their customer’s information. This includes customer information like their name, address, banking details or phone number. The information is valuable to many different people to use in lots of different ways – from simple things like companies wanting cold calling lists to more nefarious things like fishing for bank details. If client information is leaked or hacked then your company may be responsible for the breach.
Depending on the particulars of what happened and the size of your business you might be required to individually post or call each client and advise them of the hack – which can have high upfront costs and then a hefty reputational cost. That is in addition to the IT costs to repair the hack and try to stop it happening again.
Insurance companies have responded to this increased digital risk. Such as with home insurance or car insurance, you can obtain “cyber insurance” which includes protecting the business for a breach of privacy, and even has protection if your website or Facebook account gets hacked. As it is a new insurance product each company offers a distinct package, so I recommend getting your insurance broker to carefully review each one to see which best suits how your business operates.