When protected, sensitive or confidential data is accessed or used by someone without authority, this is a data breach. This can involve any kind of data such as personal health, financial, or business related.
Not all data breaches result from hacking into a computer. One can breach data simply by peering over someone's shoulder at the computer screen when they shouldn't be. It can also be elaborately planned: A company's new employee may actually be working for an extensive crime ring to steal data from the inside. Needless to say, a data breach can lead to identity theft (among many other problems).
In the workplace, especially retail, where credit cards are processed, the Payment Card Industry Data Security Standard is designed to provide retailers with guidelines to eliminate data breaches. In a healthcare workplace, HIPAA (Health Insurance Portability and Accountability Act) helps control who has access to personal health information.
- As a consumer you must keep your operating system updated to the latest secure version.
- Run antivirus, antispyware, antiphishing and a firewall.
- Protect your wireless communications with encryption and use a VPN for portable devices.
- Use secure passwords with upper/lower case and numbers.
- In the event someone else is responsible for a breach read very carefully any notification of a data security breach and don't assume that the breach was accidental or that identify theft is not likely.
- Use an identity theft protection product. It will scavenge cyberspace for any unauthorized use of personal information such as from your credit cards and Social Security number; will keep track of personal credit information; and will send an alert if suspicious activity is detected--maybe even prior to you receiving a consumer notification.