MEASURING TRUST IN PRIVACY AND SECURITY
Ponemon Institute

News & Updates

Third Annual Benchmark Study on Patient Privacy & Data Security

December 6, 2012: We are pleased to announce the release of the Third Annual Benchmark Study on Patient Privacy & Data Security, sponsored by ID Experts.

2013 State of the Endpoint

December 5, 2012: We are pleased to present the results of the 2013 State of the Endpoint study sponsored by Lumension® and conducted by Ponemon Institute. Since 2010, we have tracked endpoint risk in organizations, the resources to address the risk and the technologies deployed to manage threats.

Ponemon Institute is pleased to present the results from its annual Most Trusted Companies for Privacy Study. The study tracks consumers’ rankings of organizations that collect and manage their personal information. Now in its seventh year, the research identifies the overall top performing companies and industries perceived by consumers to be most trusted for their privacy practices.

RIM Council FAQs

What does RIM stand for?

RIM is an abbreviation for Responsible Information Management, a process for engendering trust and confidence in how an organization’s leaders, employees and agents handle, manage, retain and secure sensitive, private or confidential information.

RIM is the alignment of key stakeholders’ privacy and data protection preferences with business, data and technology practices within the organization. Key RIM components include: privacy, data security, information (or data) security, confidentiality, information accuracy (or quality) and data processing efficiency.


Why is RIM important to organizations?

All organizations face the challenge of safeguarding sensitive and confidential information about individuals and their business. RIM offers a practical and holistic approach to identifying and reducing the most critical privacy and data protection risks.

The failure to protect personally identifiable information adequately can result in a costly data breach. Our most recent study, the 2008 Cost of a Data Breach Study, found that the cost of a data breach has risen to $202 per record from $197 per record in 2007.

In addition to the financial impact, organizations can suffer reputational damage and loss of consumer confidence. A Ponemon Institute study revealed that 20 percent of customers terminated a business relationship when a data privacy breach occurred, and an additional 40 percent would consider doing so.*

The frequency of data breaches in recent years and the resulting high percentage of individuals notified that their personal information was lost or stolen have increased overall concerns about privacy and identity theft. In Ponemon Institute’s 2007 Survey on Consumer Privacy, 84 percent of consumers who had been notified that their confidential data was lost or stolen expressed increased concern or anxiety due to the data loss. Further, consumers are upset not only about the loss of their personal data but also about how the data is lost. In our study, consumers indicated they would have more negative perceptions about a company that lost their information due to negligence than about one that lost it as the result of a criminal act or theft.

* National Survey on Data Security Breach Notification, Ponemon Institute, September 2005


What is the RIM Council?

The RIM Council is made up of privacy and data protection professionals from more than 50 companies. Members meet regularly to determine how best to advance solutions to the challenges facing their organizations’ acquisition, use, storage, transfer, and disposal of sensitive personal and business information. These solutions are based on the RIM Framework of process management, education and awareness, monitoring, communications and redress & enforcement.


What are the goals of the RIM Council?

The RIM Council has a number of goals, which include the following:

  • Provide an ethics-based framework focused on problem solving within the context of long-term strategic needs for the management of all personal and sensitive business information assets. Develop tools that help translate policy into operational action that will enable an organization to align the information preferences of individuals and enterprises with business, data, and technology practices, while addressing regulatory considerations.
  • Address challenges faced by multi-national organizations in developing efficient and effective solutions that address cross-border information asset transactions.
  • Provide added value to member organizations through leveraging research and development resources and identifying where possible cost/benefit models.
  • Identify future challenges and opportunities to position and keep members in a proactive rather than reactive mode.

How frequently does the RIM Council meet?

RIM Council members meet frequently through conference calls and in-person meetings.


How is the RIM Council structured?

The RIM Council organization is managed by the Ponemon Institute and governed by its chairman and paid staff appointed and managed by council members and their delegates. The chairman and staff are counseled by an Advisory Board composed of an appointed group from member companies.

Member organizations may be nominated to sit on the Advisory Board. Members may have multiple individuals from their organization participate in RIM Council meetings and/or working groups.