Inside Jobs and Outside Vendors Among Biggest Threats to Corporate Data Security, Survey Reveals

ARLINGTON, Va., Sept. 29, 2015 /PRNewswire-USNewswire/ -- Corporations seeking to avoid costly data breaches might want to worry less about foreign hackers and more about the new employee in accounting. That's one of several instructive takeaways from a comprehensive global survey of corporate privacy professionals that identifies employees and vendors as two sources of risk that corporations are failing to manage properly.

"We've all seen the damage that data breaches can inflict on corporations," said David Perla, President of Bloomberg Law, which commissioned the survey from the International Association of Privacy Professionals (IAPP). "It's time to go beyond the headlines to understand privacy issues at a deeper level, and the revelatory findings in this survey are a step in that direction."

Coinciding with the survey, Bloomberg Law today launched a new, innovative tool — Bloomberg Law: Privacy & Data Security — for attorneys, in-house counsel, and compliance professionals whose work touches on this area of exponential growth and concern.

"It's a data-driven world, and this important survey data demonstrates how privacy professionals actually perceive and handle risk in the real world," said J. Trevor Hughes, President and CEO of IAPP.

Survey participants identified "buy-in" from corporate leadership as the most important factor in mitigating the risk of a data breach, with 89% considering it "important" or "very important." While respondents rated their employers' performance relatively strongly in that regard (55% considered it excellent or almost excellent), they issued considerably lower scores for their employers' performance on two other significant sources of risk: employee monitoring (35%) and vendor management (30%).  

When asked who within their organizations were responsible for evaluating privacy risk, respondents identified general counsel more frequently than any other individual. This was even truer in the United States (where 61% said that general counsel were involved in privacy risk evaluation) than outside the United States (43%). One of the survey report takeaways suggests that the difference may be due to the fact that "compliance is more difficult to discern in the U.S., where there may not be any specific law governing how data can be used."

Bloomberg Law: Privacy & Data Security features a number of time-saving practice tools, including "chart builders" that assist counsel in comparing laws on breach notification, medical privacy, and other issues across jurisdictions. In addition to statutes, case law, regulations, agency guidance, and a news "heat map," it also contains practical documents and forms for practitioners as well as detailed information on upcoming legislative enactments in the U.S. Congress, state legislatures, and in foreign countries.  Practitioners can keep abreast of global privacy laws, regulations, and enforcement actions through Bloomberg Law: Privacy & Data Security's detailed country profiles, treatises, and portfolios crafted by expert practitioners.

"The data security environment is changing on an hourly basis," said Craig Newman, chairman of the privacy and data security practice at Patterson Belknap Webb & Tyler LLP, the New York-based law firm. "Staying truly informed in this area requires substantial effort. Privacy attorneys will welcome any tool that's effective in marshaling information for ourselves and our clients."

Consistent with the survey's findings on the importance of counsel in assessing privacy risk, respondents identified outside counsel as the most common third-party product or service on which they spent funds.

"In light of the current threat environment, organizations want quick, practical answers on data security," said Lisa Sotto, head of the global privacy and cybersecurity practice at Hunton & Williams LLP. "This is an area that carries huge reputational and financial risk. With so much on the line, companies need resources they can turn to for fast and accurate information."

The survey results are based on the responses of 347 corporate privacy professionals, including nearly 250 based in the United States. The full study, titled "Assessing and Mitigating Privacy Risk Starts at the Top," can be accessed here.   

Bloomberg Law: Privacy & Data Security is the latest in a number of recent additions to Bloomberg Law, including Bloomberg Law: Corporate Transactions, which gives corporate attorneys instant access to "market standard" deal terms. 

For more information on Bloomberg Law: Privacy & Data Security and to request a free trial, visit here.  Existing Bloomberg Law subscribers can access Bloomberg Law: Privacy & Data Security free of charge with their subscriptions.

About Bloomberg Law
Bloomberg Law is an all-in-one technology platform that helps law firms grow their top line revenue, provide world-class counsel by getting the right answer fast and efficiently, and maintain and increase their profitability. This is done through a combination of proprietary market data, trusted content and legal analysis, and innovative technology—together enabling and accelerating client growth, client excellence, and client profitability.

About Bloomberg BNA
Bloomberg BNA, a wholly owned subsidiary of Bloomberg, is a leading source of legal, regulatory, and business information for professionals. Its network of more than 2,500 reporters, correspondents, and leading practitioners delivers expert analysis, news, practice tools, and guidance. Bloomberg BNA's authoritative coverage spans a full range of legal practice areas, including tax & accounting, labor & employment, intellectual property, banking & securities, employee benefits, health care, privacy & data security, human resources, and environment, health & safety.

About IAPP
The International Association of Privacy Professionals is the world's largest association of privacy professionals with more than 23,000 members across 83 countries. The IAPP is a not-for-profit association that helps to define and support the privacy profession globally. More information about the IAPP is available at www.iapp.org.

Logo - http://photos.prnewswire.com/prnh/20120110/DC33627LOGO

SOURCE Bloomberg BNA

Related Links

http://www.bna.com