Are You in the 99%? An Update on Cyber/privacy Liability

Are You in the 99%? An Update on Cyber/privacy Liability

January 31, 2013 Business Insurance and Risk Management, The Beacon Blog 0 Comments

Every week brings new stories of data theft, lost or stolen laptops, computer hacking and other cyber incidents. There are now over thirty insurers offering some form of “Cyber” insurance, and prices are dramatically lower than a few years ago. Despite all this, less than 1% of potential buyers have purchased a “Cyber” insurance policy.

If you are in the 99% without this coverage, consider these facts:

If you own or use a computer, you are at risk. The Internet, mobile apps, e-commerce, business websites, message boards, online credit payments, data storage in the cloud – all are sources of potential loss and/or liability.

Theft of personally identifiable information and personal health information is big business. The street value of medical identity is $50 per record; a Social Security number is worth $1. Do the math  for your organization.

State Attorneys General  are extremely focused on consumer protection issues such as unauthorized collection, mishandling, disclosure or failure to provide access to personally identifiable information; failure to provide notice of handling practices or consent to opt in or out of data collection; lack of a privacy policy. Regulatory fines and penalties can be significant.

In addition to state laws dealing with information security and privacy, federal laws include HIPAA, GLB, FCRA and FACTA. (If you don’t know what these initials stand for, we can give you a quick review.) If you have any connection with a healthcare provider,be forewarned that you need to be in compliance with HIPAA.

If you store data in the cloud or contract with outside service providers, your agreements may impose liability on your organization. Read them carefully, preferably before signing.

Information and intellectual property are an organization’s most valuable asset. Traditional insurance policies intended for “brick and mortar” exposures either do not cover “cyber” risk or offer minimal coverage which may be inadequate for your needs.

Admittedly, “Cyber” policies are complex and require detailed applications for coverage. Beacon Insurance Services will walk you through the applications and review policy forms to find the most appropriate coverage. Please call on us for a full review of this important subject.

About the Author

Harry Cylinder

Harry Cylinder, CPCU, ARM has spent nearly fifty years in the insurance industry, the majority of the time as a consultant. He has been employed by The Beacon Group of Companies since 2008, specializing in the review and analysis of property and casualty coverage forms. Mr. Cylinder has been reviewing policy forms as they have evolved over the past decades. In 2008 he published an article in the CPCU Journal which was the first description of cyber insurance coverage for a general insurance audience. Since that time he has regularly written on cyber and other topics for The Beacon Companies’ blog.