Millions of pieces of “Personally Identifiable Information” (PII) are compromised each year due to data breaches, theft by an employee or loss of the data by the company. Yet surprisingly, 69% of small business do not believe that there would be a significant financial impact or harm to their business reputation if they experienced a data breach, according to a recent study conducted by Ipsos Reid. This study also found that:
- 40% of small business owners have no protocols in place for securing data, a five percent increase from last year.
- More than 1/3 of the small businesses report that they never train staff on information security procedures.
- 48% of small businesses don’t have anyone directly responsible for management of data security.
Compounding the issue, are the steps that need to be taken in the event of a data breach, theft, or loss. When a merchant suspects a data breach, they must inform the proper authorities through a complex web of reporting regulations. In a very short period of time, reporting must be completed with local, national, and international governing bodies, in addition to the card networks. State regulations vary state to state and, where federal law applies, it preempts what individual states require. The process is complex, time-consuming and difficult, but failing to comply is a crime that can lead to civil or criminal sanctions, and even prison time.
With 70% of level 4 merchants out of business within 2 years of a breach or suspected breach, an acquirer’s merchants are at risk if a merchant fails to report correctly. This makes having an incident response plan for merchants to follow critically important for acquirers.
G2 Web Services recently introduced G2 Breach Reporting, which helps acquirers mitigate the liability associated with merchant data breach and response plans. Once enrolled, acquirers can offer it to their merchants as a value-added service that can increase an acquirers’ revenue while protecting their merchants. Merchants need only to make a single phone call, and G2 Breach Reporting handles all local, federal and regulatory breach reporting requirements within the necessary time frames. Learn more about G2 Breach Reporting or contact us to find out how G2 Web Services can assist your company.