$7.01 Million: Average Cost to Resolve a Data Breach

Data breaches are not only becoming more prevalent among companies located in the U.S., recovering from them is also becoming more expensive.  

According to the 11th annual benchmark study conducted by the Ponemon Institute, the average total cost to resolve a data breach increased by 7 percent since the previous study conducted in 2013, to a staggering $7.01 million. The average cost for each lost or stolen record containing sensitive information increased by 2 percent, from $217 to $221 per record.  

The 2016 study, released in June, examined costs incurred by 64 U.S. companies in 16 industry sectors. Data breaches involving more than 100,000 compromised records were not included in the results as the institute found that the types of breaches incurred by most organizations averaged 29,611 compromised records.  

The report provides information regarding trends gleaned from research as well as findings on factors that generate higher costs and those factors that reduce the costs of data breaches. Over the years, results from the Ponemon studies have revealed these trends:

  • The cost of a data breach has not fluctuated significantly, suggesting that the cost should be incorporated by businesses in data protection strategies.
  • The biggest financial consequence of a data breach is lost business which, not surprisingly, is greater in certain industries such as the financial, health, technology, life sciences and service industries. Organizations need to include in any plan steps to keep or retain customer trust. 
  • Most data breaches continue to be caused by criminal and malicious attacks which take the most time to detect and contain, and therefore have the highest cost per record.
  • The costs of data breaches are higher for entities in regulated industries, such as healthcare and financial services, because of fines and higher than average loss of business.
  • Improvements in data governance programs often result in cost savings. These may include having incident response plans in place, appointing a CISO, implementing employee training and awareness programs, and having a business continuity management strategy in place. Investment in data loss prevention controls, encryption programs, endpoint security solutions and threat sharing reduced costs.

The three factors were found to increase data breach costs the most:

  • Third party errors
  • Extensive migration to the cloud
  • Rush to notify

Third party involvement resulted in the highest increase with a $20.30 increase in cost per record lost or stolen, with cloud migration coming in second with an increase of $15.40.

The lesson to learn is to carefully choose third party vendors and make sure that all vendor agreements require the vendor to maintain standards to mitigate risk, and requires the vendor to take responsibility in the event of a breach (or at the least provides for an equitable sharing of the risk and costs if a breach occurs). Many vendor agreements include provisions limiting the vendor’s liability, which if not modified to except out a data breach can leave the customer with all of the costs of the breach. Requiring vendors to carry appropriate insurance and, in certain circumstances, name the customer as an additional insured may help mitigate the risk.

The risks and costs of data breaches are not likely to lessen, so planning and taking steps to mitigate and deal with a data breach will need to be part of the strategy of most, if not all, businesses.

By:  Lynn Wangerin
Source: The SKO Insider

Top 10 Causes of Distracted Driving—and What They All Have in Common

It’s no surprise that distracted driving is a major cause of car-related injuries and deaths. In fact, it’s estimated that roughly 25% of motor vehicle accident fatalities [3] are a result of distracted driving.

But what causes us to be distracted while driving in the first place? A Pennsylvania-based insurance company [4] examined data from the Fatality Analysis Reporting System, which surveys all American motor vehicle fatalities.

The results reveal the top ten causes of distracted driving, and make it clear that not all distractions are created equal.
1. Smoking related – 1%. Only one in a hundred accidents is related to lighting a cigarette, smoking or putting it out.
2. Moving objects – 1%. Moving objects in the car such as insects and pets can lead you to take your eyes off the road—and at least one source suggests [5] that it may be an underreported cause of distraction.
3. Using devices/controls to operate the vehicle – 1%. Surprisingly, adjusting things like mirrors or seatbelts plays a relatively minor role in distraction-related car accidents.
4. Adjusting audio or climate controls – 2%. Fiddling with the radio or adjusting the A/C for even a moment is a factor in a small number of traffic fatalities.
5. Eating or drinking – 2%. Every car has cupholders—and using them can be a definite source of distraction.
6. Using or reaching for a device brought into the car – 2%. We all know that using devices like cellphones can take our minds off the task of driving. But it turns out that even reaching for them can lead to a serious accident.
7. Other occupants – 5%. Other people in the car can place major demands on your attention when you’re driving, which can result in a collision.
8. Outside person, object or event – 7%. It turns out that looking at something or someone outside the car, like gawking at an accident or at people in other cars, is even more of a distraction than the person in the passenger seat.
9. Cellphone use – 12%. The second-leading cause of deaths due to distraction-related car accidents won’t be a surprise to anyone, as cellphones can distract us in a number of ways. But if they’re not the biggest cause then what is?
10. Generally distracted or “lost in thought” – 62%. By far the biggest cause of distracted driving fatalities is a driver’s mind wandering for long enough to lead to a collision—and someone’s death.

Though these 10 factors have a vastly different rate of occurrence, what’s interesting is they all have one thing in common. The one factor in every distracted driving accident is drivers paying attention to something other than driving. So what causes so many drivers to feel they can take their eyes and mind off the road?

There’s a simple but dangerous answer: complacency.

After you’ve been driving for a while you get comfortable and can forget just how dangerous it can be—because you’re complacent to the risks of driving. As a result, you’re more likely to feel like you can send a quick text or daydream without putting yourself in danger.

Compounding the problem are other states of mind like rushing, frustration and fatigue. These can further contribute to taking your eyes and mind off the task of driving and influence your decisions to do things when driving that increase your risk of a collision.

So what can you do about it? Check out this free guide on distracted driving [6] that examines why we’re so distracted when behind the wheel—and what we can do about it.

The guide collects the best research on distracted driving and provides an interesting new model for understanding distracted employees in the workplace. Discover an effective framework for improving focus and reducing distraction.

Source URL:

Group Owned Captive Insurance Seminar

The use of captives in insurance can be a very confusing concept. On one extreme, companies who are unfamiliar with the concept believe captive risk financing is a magic bullet which can be used to solve all their traditional market pricing and coverage problems. On the other extreme, companies believe captives are solely the domain of the Fortune 1000 and not applicable to smaller companies.

~~The reality is that there are a variety of types of captives which are used to finance a variety of risks. While some captives have been established for companies with larger risk profiles, there are many more middle market companies who successfully use some form of captive.
We will cover:

•Elimination of the insurance market cycles – stabilize your cost of risk

•Reduce direct and soft costs of claims through highly specialized claims management and loss control services

•Share ideas and experience with an exclusive club of other top tier companies

•Opportunities to enhance your operating income

•Own an equity stake in your insurance company – “Rather than just renting insurance”

•Earn investment income on loss funds and claim reserves

•Contain your corporate tax burdens by enjoying the inflows of captive program profits in tax preferential environment

•Risk management resources from the Tedrick Group to reduce your total cost of risk

~~Location and Date:

Tuesday, April 26, 2016
9:15 - 9:30 am: registration
9:30 - 11:00 am: presentation

Cedarhurst Center for the Arts
2600 Richview Road
Mount Vernon, IL 62864

Breakfast will be provided

RSVP by April 12, 2016 to:
Carrie Wheeler  618.244.5800

About the speaker:

Keith Merkel
Captive Resources, LLC
Captive Resources, LLC is an independent consulting company and industry leader in the creation, development and oversight of member-owned group captive insurance companies.  Their captive model empowers businesses to control their insurance costs and develop organizational cultures that exemplify the very best safety and loss prevention practices.



Workers' Compensation Symposium

Implementing & Managing the Ultimate Workers’ Compensation Program

MARCH 10, 2016
John A. Logan College
8:00 AM to 4:30 PM

*space is limited, registration begins at 7:30 AM

COST: Free
RSVP: Before February 24, 2016

Join us for Southern Illinois Healthcare Workers’ Compensation Symposium to learn best practices from experts in prevention and injury-navigation management.

Visit for complete symposium agenda.

Learn how to:
• Integrate employee wellness
• Choose the right workers’ compensation form, policy and procedure
• Get an end result in a chronic pain case
• Determine the costs through the Preferred Provider Program
• Understand the workers compensation law in Illinois
• Understand the legal and employee care guidelines


Eric Justin, MD, MPH, MBA

Vice President & Chief Medical Officer
Lockton Companies

Deborah Pape, PhD
Performance and Process Improvement Associates

James Atchison, DO
Medical Director, Rehabilitation Institute of Chicago Center for Pain Management &
Professor of PM&R at Northwestern’s Feinberg School of Medicine

Elizabeth Kerr
Vice President of Strategic Partnerships,
HFN and IL Workers’ Compensation Preferred Provider

Brandon Phelps
State Representative 118th District

Tom Margolis
Corporate Workers’ Compensation Attorney

Risk Management Center-Online Training

This year, we have added and revised over 40 online training courses, including
• Abusive Conduct Prevention
• Active Shooter Preparedness
• Crane Rigging
• Fire Extinguisher Safety • Heat Stress Prevention
• Incident Investigation & Analysis
• Lockout and Tagout
• Modified Transitional Duty • Personal Protective Equipment
• Slip, Trip & Fall Prevention
• Trenching & Shoring
• And much more

In addition to our enhanced online training curriculum content, we have added a new resource, the Safety Video Library with over 150 topics, each available in both English and Spanish.

Plus, we've added or updated over 150 additional documents within the Risk Management Library, including policies, posters, PowerPoints, and training shorts.

In 2016, we will continue to develop additional Risk Management Library and training course materials.

Please enjoy a safe and happy holiday season!

New Year's Holiday Schedule

In observance of the New Year's holiday, the Tedrick Group office will be closed Monday, January 2, 2017.

All of us at the Tedrick Group wish you and your family an enjoyable and safe holiday season.

Thanksgiving Holiday

All year long, but especially during this season, we are grateful for the many associations we have with clients, partners and friends. In celebration of Thanksgiving, we will be closed November 25th and 26th.  We hope you have a wonderful day celebrating all there is to be thankful for. 

We wish you all a safe and happy Thanksgiving holiday!

Announcing a New and Improved Risk Management Platform!

The upgrade to your risk management platform is scheduled to go live Monday, November 16, 2015, at 7 am. 

The system will be undergoing this change the weekend prior and will be inaccessible from Friday the 13th at 7:00 PM to 7:00 AM on the 16th.

We encourage you to attend an overview webinar to learn about the new features and functionality before the platform goes live.

Click to Register

The risk management platform will be compatible with the latest versions of the following browsers:

Microsoft Internet Explorer: version 10 or higher
Google Chrome 
Mozilla Firefox 
Apple Safari for Mac 

If you access the platform on an earlier version of Internet Explorer, you will need to upgrade to the latest version to maintain access.

The new risk management platform delivers:

  • A fresh new look and feel 
  • Uniform visual layouts 
  • Customizable Quick Links™ 
  • Compatibility with all major tablet, laptop, and desktop computers
  • Elimination of Access Codes – When you login on Monday the 16th each user will be prompted to choose a unique Username and Password.

Please review this short What’s New Video to see some highlights of the new platform.

Trainings on all of the new platform applications begin the week of November 16. You can register for any of them by going to the Help & Training Center within the risk management platform.


This Week's Training Shorts

Click here to log in to your personalized platform



These training shorts can improve safe work habits, productivity, and morale. The shorts cover a wide variety of work-related subjects to assist your organization in preventing injuries.


This Week's Training Shorts

Fall Protection - Eliminating Falls - English

Lists common fall risks on construction sites.
Fall Protection - Eliminating Falls - English

Fall Protection - Eliminating Falls - Spanish

Lists common fall risks on construction sites.
Fall Protection - Eliminating Falls - Spanish


How to Reduce Losses with Behavior-Based Safety


Learn about the benefits of a loss prevention program and how to identify opportunities for improvement. In addition, hear how Job Hazard Analyses (JHA's) can facilitate employee training that drive safer and more efficient work practices.

This webinar was developed by certified safety and health experts who will provide an overview of the importance of a behavior-based safety program, and how your risk management platform can help reduce your losses.

  • Build effective Human Resources policies
  • Create a culture of safety
  • Meet regulatory compliance





Available date(s):

Thursday, July 30 at 9:00 AM PT

Click to Register




 Using the Risk Management Center to Reduce Your Total Cost of Risk


Understanding the Total Cost of Risk is essential to help organizations reduce exposure, save money, and streamline and evaluate the effectiveness of their risk management program. Learn how to:

  • Evaluate the Total Cost of Risk
  • Manage insurance costs and liabilities
  • Help stop claims and losses before they occur
  • Implement effective workplace safety
  • Develop strategies for regulatory compliance
  • Take the next steps for successful management of organizational risk, using the Risk Management Center

This webinar was developed by certified safety and health experts who will provide an overview of the Total Cost of Risk and its importance to risk management efforts.




Available date(s):

Tuesday, August 4 at 9:00 AM PT

Click to Register






 Learn more about your risk management platform


Join us for an educational overview webinar to learn more about the applications within your risk management platform. These webinars are designed to help you get more out of your platform and improve your productivity.


Available dates:

Wednesday, August 5 at 2:00 PM PT

Wednesday, August 12 at 1:00 PM PT

Wednesday, August 19 at 9:00 AM PT

Click to Register







Risk Management Center


  • Searchable library of risk management policies and training materials
  • Online Training Programs
  • Software programs
  • Click on a video at the right to learn more

More Information:

Risk Management
Platform Video

COI Track® Video

Incident Track™ Video

BBS Track™ Video

Training Track™ Video

SDS Track™ Video

Job Description
Track™ Video

OSHA 300 log Video



We welcome your feedback.

Do you have any suggestions on how to make the risk management platform more useful? Let us know!


Need training in one of the applications? Participate in one of our free daily webinars. Register by clicking on the Help & Training Center button to the right of the platform, under the horizontal navigation bar.


Tired of data entry? Let us help!

We can record all your training files, incident reports, import lists of employees, and more — all in one place and at very reasonable rates!


Custom Online Training

Safety Data Sheet Service

COI (Certificate of Insurance)
Loading Service


Behavior-Based Safety
Program Development

Return to Work Program &
Job Description Development

Risk Assessment Service




Confined Spaces in Construction

OSHA has issued its new rule for confined spaces in construction, which will cover employers with employees working at construction sites with one or more confined spaces.

The rule takes effect August 3, 2015.

Newly regulated construction sites will include buildings, highways, bridges, tunnels, utility lines, and other types of projects. Potentially affected employers include general contractors, as well as specialty-trade construction contractors and employers engaged in some types of residential construction work.  

It includes requirements for training, identification and assessment of confined spaces, hazard analysis, entering, working, exiting, and rescue for confined spaces containing a variety of different hazards.

The new rule, which provides construction workers safeguards similar to those in place for manufacturing and general industry, could protect 800 workers a year from serious injuries and reduce life-threatening hazards according to OSHA.

Although construction workers must often enter confined spaces like manholes, crawl spaces, and tanks, these areas are not intended for continuous occupancy. They are also difficult to exit in an emergency. OSHA says these workers face life-threatening hazards including toxic substances, electrocutions, explosions, and asphyxiations.

New rule differs from existing confined space standards
The new rule differs in several ways from current confined space regulations. For example, it includes a requirement that multiple employers share vital safety information and continuously monitor hazards. OSHA says these advancements are possible due to technological improvements that were not available when the manufacturing and general industry rules were created.

Explained OSHA administrator Dr. David Michaels, “Unlike most general industry worksites, construction sites are continually evolving, with the number and characteristics of confined spaces changing as work progresses.” The standard emphasizes training, continuous worksite evaluation, and communication requirements.

Employers should also note that under the new rule, crawl spaces and attics can be both confined spaces and permit-required confined spaces. For example, working in an attic and applying a large amount of spray foam in a short time can expose a worker to low oxygen levels or a hazardous atmosphere. As well, changes to the entry/exit, ease of exit, and airflow could create a confined space or cause the space to become permit-required.

OSHA’s construction confined space rule highlights
OSHA’s construction standard for confined spaces, 29 CFR 1926 Subpart AA, affects spaces that meet these criteria:

  • Are large enough for a worker to enter.
  • Have limited means of entry or exit.
  • Are not designed for continuous occupancy.

A location may also be a permit-required confined space if it has a hazardous atmosphere, the potential for engulfment or suffocation, a layout that may trap a worker, or any other serious safety or health hazards.

Included in the rule are several requirements for safe entry. Before workers can enter a confined space employers must take pre-entry planning steps including:  

  • Have a competent person evaluate the site for the presence of confined spaces, including permit-required ones.
  • Once the space is classified as a permit-required confined space, identify the means of entry and exit, proper ventilation methods, and elimination or control of all potential hazards in the space.
  • Ensure before workers enter that the air in a confined space is tested for oxygen levels, flammable and toxic substances, and stratified atmospheres.
  • If a permit is required for the space, remove or control hazards in the space and determine rescue procedures and necessary equipment.
  • If the air in a space is not safe for workers, ventilate or use necessary controls or protections so that employees can work safely.

Get additional information about the new rule at

Source:  BLR®—Business & Legal Resources