Effective Policies Help Prevent Accidental Exposure of Customer Information
Inadvertently exposing your customers' personal information can have lasting ramifications for an organization -- such as damage to your reputation, loss of business, statutory violations and civil liability.
Recently, health insurance provider Wellpoint, Inc., notified 470,000 consumers that their medical records and other personal information was inadvertently exposed online for several months. Wellpoint had established the website to allow customers to track their application for insurance coverage. The breach was discovered by a customer who found that she could access other people's information simply by entering different web addresses. The customer filed a lawsuit against Wellpoint as a result of the discovery. Wellpoint attributed the problem to an outside vendor that was used to set up the site and announced that the problem was resolved within 12 hours of Wellpoint's awareness of the problem.
Preventive steps can help avoid such incidents. In addition to exercising due diligence in the technical operation of potential web applications, contractual clauses can help ensure that outside vendors agree to comply with data protection laws, have appropriate insurance coverage and will indemnify your organization in the event a problem arises.
For more information about legislation or litigation involving technology, intellectual property protection of information technology assets or any other Information Technology law issue, contact your Miller Canfield attorney.
