Data incidents affect half of Massachusetts residents
The Massachusetts Office of Consumer Affairs and Business Regulation recently released a new report that pulled data from four years of research concerning data breaches throughout the state. It was revealed that 3.2 million residents of Massachusetts - or about half of its population - have been affected by a data incident in that time.
“Businesses, institutions, and others need to do a better job protecting the information of individuals. There is still a lot of work to be done," Barbara Anthony, the state's consumer affairs and business regulation undersecretary, said, according to the Boston Globe.
This is the first report of its kind conducted in Massachusetts, the newspaper noted. It was found that the incidents were commonly a result of either the lack of appropriate security measures or ineffective data management practices, according to the report.
Overall, it was revealed that the financial services industry reported the highest number of breaches, but not the highest number of victims, during the study period. Organizations within this sector acknowledged they suffered 955 incidents during the past four years, affecting more than 900,000 people.
Healthcare also figured prominently into the report with 214 incidents that victimized nearly 1 million Massachusetts residents. Of those, about 800,000 were victims of the one particular incident in which patient records went missing in 2010.
In addition to an increase in the number of events suffered by companies, a law passed by the Massachusetts legislature five years ago may also have skewed the report's findings.
"Since 2007, businesses and groups have been required to notify the state if personal information of Massachusetts residents is lost or stolen," the Globe noted.
Still, the task of preventing data breaches and loss begins and ends with establishing proper data management policies and putting the right solutions in place. How information is stored and maintained by an organization can go a long way in determining its safety. When data is stored properly and access is reliably controlled, it remains far out of the reach of negligent individuals - whether they are an organization's own employees or an outsider looking to exploit the company.
However, growing data volumes have made this a difficult proposition for some companies. When that is the case, IT decision-makers and data managers are encouraged to explore the services of a third-party firm, which can store data offsite and take over nearly all maintenance responsibilities.