Small Business Data Protection Survey Finds 85 Percent of Small Businesses Believe Data Breach Unlikely

According to The Hartford Small Business Data Protection Survey, an overwhelming 85 percent of small business owners believe a data breach is unlikely and many do not implement security measures to help protect customer or employee data, this despite the fact that the number of data breaches involving smaller businesses is growing. For more information about the survey from The Hartford, visit:

The survey of 501 U.S. small business owners with fewer than 50 employees developed by The Hartford found small businesses varied in their adoption of the company’s ‘8 TIPS TO HELP REDUCE YOUR RISK OF A DATA BREACH’ available at The percentages of small businesses adopting the eight data protection “best practices” are in parentheses:

  • 1. Lock and secure sensitive customer, patient or employee data (48 percent)
  • 2. Restrict employee access to sensitive data  (79 percent)
  • 3. Shred and securely dispose of customer, patient or employee data (53 percent)
  • 4. Use password protection and data encryption (48 percent)
  • 5. Have a privacy policy (44 percent)
  • 6. Update systems and software on a regular basis  (47 percent)
  • 7. Use firewalls to control access and lock-out hackers  (48 percent)
  • 8. Ensure that remote access to their company’s network is secure  (41 percent)

The Hartford Small Business Data Protection Survey also found:

  • 61 percent of small business owners surveyed believe a data breach violates trust and would jeopardize their relationships with customers, patients, and employees.
  • 47 percent of small business owners surveyed acknowledge it would be impossible for a small business to completely safeguard customer, patient, or employee data.
  • 38 percent of small business owners surveyed say they have a more negative opinion of companies that have recently experienced a breach, based on the companies’ handling of the breach.
  • 34 percent of small business owners surveyed say they would have difficulty complying with government notification requirements.

Data breaches involving the Personally Identifiable Information (PII) of consumers are becoming more common in the Information age. PII, as defined by the U.S. Office of Management and Budget (OMB), is any data used for distinguishing individual identity and may include:

  • Full name
  • Birthday and birthplace
  • Social Security Number (SSN)
  • Vehicle registration plate number
  • Driver’s license number
  • Credit card number
  • National identification number

To alert employers about the potential dangers caused by “offshoring” the PII of job applicants for background checks outside of the United States and beyond the reach of U.S. identity theft laws, a group of more than 170 like-minded Consumer Reporting Agencies (CRAs) formed the industry group ‘ConcernedCRAs’ that endorses and subscribes to a set of standards that opposes the processing of consumer reports overseas. For more information, visit

As a member of ConcernedCRAs, Employment Screening Resources (ESR) does not offshore PII and all processing and preparation of background checks are performed exclusively in the United States, with the only exception being international verification using information outside the country. ESR was also the third background screening firm in the U.S. to become “Safe Harbor” Certified for data privacy protection.

ESR is also accredited by the National Association of Professional Background Screeners (NAPBS) Background Screening Credentialing Council (BSCC) for successfully proving compliance with the Background Screening Agency Accreditation Program (BSAAP). ‘Section 1, Consumer Protection’ of the BSAAP includes standards for: Information Security Policy; Data Security; Intrusion, Detection and Response; Stored Data Security; Password Protocol; Electronic Access Control; Physical Security; Consumer Information Privacy Policy; Unauthorized Browsing; Record Destruction; Consumer Disputes; Sensitive Data Masking; and Database Criminal Records. For more information, visit:

For information about background checks, visit Employment Screening Resources (ESR) – ‘The Background Check Authority’ – at, call 415.898.0044, or email


About Employment Screening Resources (ESR):

Employment Screening Resources (ESR) – ‘The Background Check AuthoritySM’– provides accurate and actionable information, empowering employers to make informed safe hiring decisions for the benefit for our clients, their employees, and the public. ESR literally wrote the book on background screening with “The Safe Hiring Manual” by Founder and CEO Lester Rosen. ESR is accredited by The National Association of Professional Background Screeners (NAPBS), a distinction held by a small percentage of screening firms. By choosing an accredited screening firm like ESR, employers know they have selected an agency that meets the highest industry standards. For more information about Employment Screening Resources (ESR), visit, call 415.898.0044 or 888.999.4474 (Toll Free), or email

About ESR News:

The Employment Screening Resources (ESR) News blog – ESR News – provides employment screening information for employers, recruiters, and jobseekers on a variety of topics including credit reports, criminal records, data privacy, discrimination, E-Verify, jobs reports, legal updates, negligent hiring, workplace violence, and use of search engines and social network sites for background checks. For more information about ESR News or to send comments or questions, please email ESR News Editor Thomas Ahearn at