Data security is a major concern across virtually all areas of the legal profession particularly in 2024 thanks in part to a record-breaking number of cyber incidents last year that cost companies an average of $4.45 million dollars. While there is essentially no industry that is immune to cybercrime, the legal field is particularly vulnerable—bankruptcy claims administrators even more so.

Claims administrators are entrusted with nearly every form of sensitive data and personal identifiable information imaginable, including social security numbers, bank accounts, all forms of financial information, information heavily protected under HIPAA and other privacy laws, and cryptocurrency data to name a few. A data breach for them can become an identity theft nightmare for every one of their clients.

Adding to this challenge is the fact that claims administration, which was once a function of the courts themselves, is still overseen by the courts and any data breaches must be disclosed to the court and all interested parties which essentially means everyone involved in the case. This level of compliance raises the stakes for bankruptcy claims administrators to protect sensitive information, and with several data breaches in major chapter 11 cases in the last year, it’s clear that data security has come into sharp focus for the Court and the restructuring community.

How Should Claims Administrators Be Protecting Their Data?

Claims administrators have always been the targets of cybercrime by virtue of the claims they handle and the information they gather to administer the proceeding. This vulnerability makes it imperative that protocols are in place to take all proper cybersecurity measures. Those measures should include the following:

Data Encryption

Encryption adds extra layers of protection to sensitive data and can improve the security of internal communications. Several million unencrypted data records become compromised daily, and although encryption does not offer a 100% guarantee that sensitive information won’t be stolen that information still has a far better chance of remaining secure than if it were left unencrypted.

Multi-factor Authentication

Multi-factor authentication improves the security of the login process by requiring multiple forms of identification from the user. Rather than just entering a password which could be stolen, users must also identify themselves through a code sent to their phone or email, facial recognition, security questions, or something similar.

Strong Network Security

Things like firewalls as well as intrusion detection and prevention software are foundational elements of strong cybersecurity, but it’s important to note that claims administrators looking to avoid data breaches should also be regularly updating their protection software to address vulnerabilities. Cyber criminals are always adapting to current security measures, meaning new vulnerabilities are always cropping up. Network security must constantly evolve to address these vulnerabilities.

Secure Access Controls

Not every team member needs access to every data resource, which is why the most effective approaches to cybersecurity prioritize access control. Claims administrators should have strong policies regarding who gets access to what information, allowing a minimal number of essential team members access to the most sensitive data. According to a Centrify survey, 74% of data breaches begin with the abuse of privileged credentials. Limiting access to only those who need it most can help reduce the odds of those credentials getting into the hands of someone who might misuse them.

Regular Training

The world of cybersecurity is complex and constantly evolving, which is why it’s crucial that claims administrators provide regular training to their teams to help keep them aware of the common mistakes that can lead to data breaches. Studies have shown that over 80% of data breaches are caused by human error. Working to reduce the odds of such errors is one of the strongest cybersecurity measures of all.

Training can also help team members identify what constitutes suspicious activity. Cyber criminals are not only clever and deceptive, but they’re constantly refining their approach to adjust for security measures designed to stop them. It’s estimated that over 90% of cyberattacks begin with a phishing email. Phishing tests as part of regular training can help team members know what to look for to avoid these ever-evolving attempts at credential theft.

Incident Response Preparedness

The prevalence of cyber incidents today makes it so it’s almost unrealistic for a claims administrator to anticipate that one will never happen to them. No matter how strong the cybersecurity measures are, an effective incident response plan should still be in place. This plan helps to delegate responsibility, speed up response time, and mitigate damage in the event of a data breach.

Should a data breach occur, communication protocols, containment strategies, and recovery procedures need to be in place. Data maps are crucial during this time, as well, as they can help to assess the breach, trace its source, and put a stop to it. All these things can be detailed in an incident response plan outline.

Regular Audits and Vulnerability Assessments

Once a claims administrator has a robust cybersecurity plan in place, they can’t just rest on their laurels. Cybercrime is continually evolving and becoming more sophisticated, which means regularly assessing cybersecurity measures for vulnerabilities is the only way to keep up and stay protected.

Choosing the Right Bankruptcy Claims Administrator

Bankruptcy claims administrators are by necessity given access to their clients’ most sensitive information. In a world where cybercrime is hitting new highs year after year, it’s crucial for anyone going through the process of bankruptcy to ensure that the service providers they’re working with hold themselves to the highest cybersecurity standards. Those that do will be able to demonstrate as much by taking the above measures.