Cyber Guide Cost and Penalties for Non-compliance
Non-compliance with any of these regulations may come with a substantial penalty These can vary by state, as do the data breach communication requirements. Penalties can be assessed as:
- Civil penalties per resident affected and/or per breach.
- Additional penalties for actual economic damages.
- Also punishable by other state-specific deceptive trade practices laws, or as prescribed by a state attorney general.
- The law that applies is within the jurisdiction of the person whose data was breached.
There are also timelines for responses; may carry penalties for delays in notifications.
** As impactful as anything listed above or below, comes the loss of trust from your customers. You are the trusted advisor and custodian of their private information - Consider the business impact to your agency if you experience a data breach and have to communicate their personally-identifiable information has been exposed. See examples of Real-World IA Data Breaches here.
Costs and Penalties for Noncompliance Could Include the Following:
EXAMPLES OF FIRST-PARTY EXPENSES
EXAMPLES OF THIRD-PARTY EXPENSES
Agency Financial Penalties Due to a Breach - As Defined In Agency Contracts
As a result of the 'hold harmless' and 'indemnification' sections of agency/carrier agreements, the agency could be required to pay the following costs
and expenses, which would be in addition to the direct cost and expenses incurred by the agency in defense of their actions.