When we hear the term “data breach” we are trained to immediately check our online presence information to determine if we’ve been hacked. We hear the term frequently in the news about a massive data breach and we are reminded of our vulnerability in this new age of technology. A data breach typically involves an unauthorized or illegal viewing, access to, or copying of data by an individual or group. The purpose is to steal as much useful information as possible or publish that information in a public forum.
LabCorp is a one the largest medical diagnostic companies in the nation with the resources to have maximum data protection, yet they still may have been exposed. The danger with a company such as LabCorp experiencing a data breach is that their customers and patients’ medical information may have been exposed. Besides medical information it is possible that payment information and internal financial information about LabCorp itself has been seen, accessed and or stolen. LabCorp will have to deal with the exposure of patients private health information but also the reality that they could be vulnerable to further attacks aimed at stealing money or access to credit.
LabCorp, one of the nation’s largest medical diagnostics companies, is investigating a security breach that could have put health records of millions of patients at risk. The company, in a filing with the Securities and Exchange Commission, says it detected “suspicious activities” on its network over the weekend of July 14 and “immediately took certain systems offline as part of its comprehensive response to contain the activity.”
“This temporarily affected test processing and customer access to test results on or over the weekend,” the company said. “Work has been ongoing to restore full system functionality as quickly as possible, testing operations have substantially resumed today, and we anticipate that additional systems and functions will be restored through the next several days. Some customers of LabCorp Diagnostics may experience brief delays in receiving results as we complete that process.”
Some reading this may wonder how this pertains to the cannabis business, but this has everything to do with the cannabis industry. The cannabis industry is unique in the fact that it exists in both the medical world and the retail world. Some states have legalized marijuana for medicinal use only, others for recreation. Some cannabis businesses may have some form of medical information for patients if they are a medical marijuana provider. Other businesses may have less critical data but it is still dangerous in the wrong hands, such as names, addresses, phone numbers, and emails of customers which if published could put any number of people at risk if that information is exposed.
There is also the very real threat of identity theft and people stealing identities to gain access to medical marijuana. If your company stores this type of information on a computer or server, your company is legally liable for protecting this information from a data breach. Data breach insurance protects business owners from legal liability resulting from a data breach, whether the information is stored electronically or by some other means such as on paper. As always it is important to remember that regardless of what type of insurance policy you have, coverage limits will apply. You must read your policy with both your agent and your attorney to determine what your coverage consists of.