How much does data loss cost a business owner?

Written By Todd Mitchell

As a business owner you are liable for any data loss or damages resulting from that loss. For example, your client database could be a simple excel spreadsheet with names, addresses and birthdays or you could have a full server stack with oracle database. Either way if it is hacked, or even if someone leaves the spreadsheet laying out and it is stolen; the result ids that hundreds or even thousands of client’s information was breached!

According to the law you must do what any reasonable business would do to protect the data. Now you must notify each person and tell them they have had personal information breached. Then you must provide them with identity theft insurance (industry standard is for 10 years). Let’s say you had 1000 client’s information, that cost you 3 days work to notify them all. Then you research and see identity theft insurance costs $200 per person per year.

Math…. 3 days x 8 hours x $15 an hour = $360

More math… 1000 clients x $200 per year x 10 years = $2,000,000 

even if you only had 100 client’s information that is still $200,000

Now suppose one of them has their identity used and kills their credit losing their job so they sue you. You are liable for the damages on top of everything else.

So, a typical business has 2500 client files and is facing $5 million plus the cost of damages from one breach or even a distracted employee leaving the spreadsheet out on the desk while going into the back room to deliver a message.

Yes, this can happen to a small business, even sole proprietor.

Todd Mitchell
Previous

What are Zero-day exploits?
Next

What is FISMA? What are the Pros and Cons?