Risk Management Roulette—How to Keep Your Business Cyber Safe

The adroit and engaged management of cyber risk and data privacy risk is not sexy. It is loads more fun to think about way cool techniques for digital die-cutting and embellishment in the finishing department of the printing business. Or a fully integrated CRM and client file management system to deepen visibility into client needs and wants in the sales and prepress departments. Or, anything else that is notabout cybersecurity. Puhleeze!

But let’s think about a third-party medical billing firm in the recent incident at Mercy Health Lorain, in which a patient data breach occurred when a revenue cycle vendor mailed bills with social security numbers clearly visible in the address windows. In this case, the third-party vendor and a “business associate” under the HIPAA rule, mailed just under 6,000 envelopes to patients over a two-month period in late 2019.

Did the third-party provider have cyber insurance coverage that might help offset the cost of providing identity and reputation management protection to the 5,900 plus Mercy Health Lorain patients? If not, had the provider firm proactively budgeted for the potential impact of the cost of providing that protection, and the cost of printing the data breach notice letters? Did the provider have to engage a forensics team, or an incident response and recovery team, or a data breach specialist law firm? Perhaps most importantly, did the hospital fire the provider?

Continue reading your article
with a WhatTheyThink membership.

WhatTheyThink Annual Membership

Less than $4/week.

Get unlimited access to in-depth commentary and analysis covering the latest trends, emerging technologies, operational strategies, and key events across every segment of today's printing industry.

Stay informed. Stay competitive. Stay ahead.

WhatTheyThink Day Pass

$5 for 24 hours

Unlimited access to all of WhatTheyThink. Get your Day Pass

Already a member?

About Kevin Keane

Kevin Keane is a cybersecurity attorney whose initial career was spent in senior management roles in the printing industry. He writes and speaks often now about cyberrisk in all industries and is currently Vice President / General Counsel / Equity Partner in Beryllium, LLC, dba Beryllium InfoSec Collaborative in Minneapolis. You can reach him at [email protected]

10 Things PSPs Should Consider Before Adopting Robotics: What You Need to Know to Begin the Journey

Why Highly Targeted Communications Make Digital Print Essential to Modern Marketing

Wide Format in 2026: How Technology Is Reshaping Competitive Advantage

Labels & Packaging in 2026: Turning Insight into Direction

Print, Digital, and Everything in Between

View Keypoint Intelligence Reports

Printing and Cyber Risk: Deal with IT or Die from IT

Whether it be a ransomware attack or a breach that lets cyberthieves make off with customer data, cyber risk is an ever-present danger for any print business—made worse in the age of COVID with more employees working from home on their own devices. Kevin Keane lays out some essential steps print businesses can take to boost their cybersecurity. Read More

Risk Management Roulette—How to Keep Your Business Cyber Safe

Everyone thinks they don’t need to worry about cybersecurity—until they do. And when there is a data breach, it can be costly and embarrassing—and maybe even business-damaging. Cybersecurity expert Kevin Keane explains why printing businesses need to take data management and security seriously. Read More

Broadly Defined, Printing Is One Hellacious Cyber Risk

Legal expert and printing industry pundit Kevin Keane contributes this article about the risks printing companies face as they handle an increasing volume of internal and external data. But he doesn’t stop there. He provides our members with specific steps that owners and managers must take to mitigate data breach risks. Read More