Apr 18, 2012

What data does your organization collect, process or store?

I think we are all getting to a general understanding that a big exposure for companies lies in the data they have flowing through their organizations. Whether the data is in electronic format or still in paper files, if that data contains Personally Identifiable Information (PII) or Protected Health Information (PHI) an organization is held accountable for safeguarding that information.

PII is typically defined as a combination of any of the following:

name; address; telephone number; email address; social security number; date of birth; an official state or government issued driver’s license or identification card number; a government passport number; credit card information; financial account information; medical information; an employer, student or military identification number;

PHI is typically defined as any identifiable information, including demographic information that relates to an individual’s past, present or future physical or mental condition, the provision of health care to an individual or the past, present or future payment for health care treatment.

When PII or PHI is breached there are financial consequences. Cyber risk Insurance can protect an organization against these consequences; ask us how.



Cyber Bytes is S.H Smith & Company's Cyber, Security & Privacy blog – written by the experts you trust.


Betty Shepherd and Jeanine Loomis are experts in the field of Cyber, Security, & Privacy. Combined, they have over 40 years experience writing Cyber, Security & Privacy Liability policies.


With over three decades of experience as an IT Manager/Security Expert, Gene Barnes is intimately acquainted with the cyber threats that today's business owners face.