Records Mis-Handling and Data Breaches: Cheaper by the Hundred-Millions?

Just a bit more than two years ago, I calculated the penalty of mishandling medical records from more than 67,000 people to be $2.09 apiece. Then this morning, reports arrived saying Target has agreed to settle a class-action lawsuit related to its 2013 data breach for what comes to 25¢ for each of the 40+ million credit cards compromised, and only 9¢ for each of the roughly 110 million affected cardholders.

If the decline indicated by these two datapoints prove out, does it mean that the cost associated with these sorts of lapses in governance is coming to be a simple cost of doing business? And if it does, what affect will that have on our ability to bring greater discipline to the practice?

The sheer number of victims involved in the Target case means the company will, pending federal court approval, establish a $10 million fund to cover the payouts. While this isn’t peanuts, it hardly registers as a percentage of the company’s total revenue of $72.6 billion and represents barely one-half of one percent of Target’s net earnings of $1.97 billion.

So what say you? Are these figures small enough drops in the ocean to be meaningless to corporations? Or is the scope of the problem growing large enough to command the kinds of attention we know governance demands?

Summary
Article Name
Records Mis-Handling and Data Breaches: Cheaper by the Hundred-Millions?
Description
Are penalties declining for information governance lapses? Are they now mere costs of doing business? How, then, can we impose greater records disciplines?
Author

About the author: Steve Weissman

Steve Weissman is Principal Consultant at Holly Group and Co-Founder of Information Coalition. A trusted advisor for more than 20 years, he is a recognized expert in information governance and process innovation – or as he defines it, in the “’care and feeding’ of critical business information and the technologies used to manage and protect it.” Known as The Info Gov Guy™, Mr. Weissman leverages a proven proprietary methodology to optimize everything from your strategic planning and needs assessment to your vendor selection and user adoption. He is a member of the AIIM Company of Fellows and holder of numerous industry designations, and can be reached at steve@hollygroup.com or 617-383-4655.

Leave a Comment