← All topics
Cyber-insurance readiness

Company Profile & Data Sensitivity

Your size and the sensitivity of the data you hold this year. (Company name, website, and industry live in your Company Profile and carry across years.)

What this area covers

Do you collect biometric data?

Biometric data is information taken from a physical trait — a fingerprint, a face or eye scan, a voiceprint. This question is about whether your organization collects or stores that kind of data about people (customers, employees, or the public). It is not asking whether your staff unlock devices with a fingerprint.

Examples of collecting it: face-scan or fingerprint time clocks, voice-ID in a call center, or storing customers’ biometric identifiers.

Why this matters at claim time: Biometrics are permanent — a person can’t change their fingerprint the way they change a password — so a breach of biometric data is uniquely serious, and several laws (for example Illinois’ BIPA) carry heavy penalties for mishandling it. Carriers ask because holding this data raises both breach exposure and legal liability. Answer for what you actually collect and store.

Also covered in this area

  • Current annual gross revenue (USD)
  • Projected gross revenue, next 12 months (USD)
  • Total employees
  • Approximate number of PII records you hold (personal data: names, SSNs, financial, contact)
  • Approximate number of PHI records you hold (protected health information)
  • Do any of these apply to your business? (eligibility screen)

This library is general education, not advice about your specific organization. It describes what each control is and what strong practice looks like; whether and how any of it applies to you is your decision, in consultation with your carrier, broker, or counsel.