Trends Report

Brief: Legal Costs In A Customer Data Breach Now Pack A Bigger Punch

Recent Legal Settlement Raises The Stakes For US Security Practices

June 19th, 2014
Heidi Shey, Principal Analyst
Heidi Shey Principal Analyst
Chris Sherman, null
Chris Sherman
With contributors:
Stephanie Balaouras , Jennie Duong

Summary

In December of 2009, two laptops containing sensitive information were stolen from the health insurance provider AvMed's corporate headquarters, leading to a breach of 1.2 million customer records. Such data breaches often cause a significant amount of financial, reputational, and organizational hardship for companies. However, the ensuing class action legal battle from the AvMed case has set a new legal precedent for monetary reimbursement for breach victims. This outcome concerns all US organizations who store or process personally identifiable information (PII). In this report, we will discuss the relevant details of the AvMed case and what security and risk (S&R) pros should do (hint: encryption is only one part of the equation) to prevent their organizations from becoming embroiled in potentially costly breach litigation over the loss of PII.

Want to read the full report?

Contact us to become a client

This report is available for individual purchase ($1495).

Forrester helps business and technology leaders use customer obsession to accelerate growth. That means empowering you to put the customer at the center of everything you do: your leadership strategy, and operations. Becoming a customer-obsessed organization requires change — it requires being bold. We give business and technology leaders the confidence to put bold into action, shaping and guiding how to navigate today's unprecedented change in order to succeed.