6 months. 3 data losses. I’m not talking about a failed hard drive. My hospital, my bank and my credit card company have allowed my data to be stolen. I’m on the road to recovery though. Free credit monitoring for a year. To qualify for this free monitoring, all I have to do is fill out a form with my social security number, date of birth and mother’s maiden name and send it to a company I’ve never heard of.
My solution: I ask about encryption standards and access control lists at doctor’s offices. It’s extreme.
It’s hard to know who to trust with data. Lost laptops with social security numbers plague even the largest institutions, those whose brands are synonymous with trust. The data theft ecosystem is well developed. Credit card numbers can be acquired by the thousand, just like ad impressions. With the right user data, credit card fraud is pretty easy. We see it in most of our companies who process credit card payments.
Consumers have the most to lose from these data leaks. Unwinding the credit impacts from identity theft takes years. Today, there are few systems in place to educate consumers, help them evaluate data security risks, and understand the dispersion of their data. How many companies have my Social Security Number? I don’t know. How many of them still need it? I’m not sure. Which level of employee can access my unencrypted data? It’s complicated. When I have children, I’ll manage access to their personal data very closely.
As more data moves to the cloud, as more transactions are conducted online, and as off-the-shelf computational power continues to grow, data theft will only increase both in sophistication and breadth of data.
Today, there are no easy answers for businesses or consumers. We need standards for data protection, consumer education and data access monitoring. I think we will see consumers and enterprises will start demanding more protection for their data and many startups blossoming to meet those needs.