Depending on your given industry or the specific policies set forth by your employer, encryption technology for data protection may become mandatory rather than optional. For example, in the health care sector, patient privacy laws require keeping information encrypted. Organizations receive significant fines for noncompliance.
In one case occurring in June 2018, the University of Texas’s MD Anderson Cancer Center received a $4.3 million penalty for violating the Health Insurance Portability and Accountability Act, more commonly known as HIPAA. The trouble began in 2012 when a thief stole a laptop containing 30,000 patient records from an employee’s home. That same year, as well as in 2013, there were two separate instances of more data loss via misplaced USB drives.
The devices containing the data were not encrypted. The judge that ruled in the case brought up that glaring oversight when he issued the fine. In health care, as well as other industries that often handle sensitive information, regulatory fines are genuine concerns. Besides how these incidents cut into an organization’s profits, bad publicity could give people second thoughts about doing business with companies that don’t responsibly store data.