Cyber Liability Data Breach

    Why Do I Need

Cyber Liability Insurance?

One of the biggest stories of the 2013 holiday shopping season had nothing to do with the hottest toys or the increased reliance on online shopping: Hackers infiltrated Targets point-of-sale system in December and gained access to the credit and debit card information of 40 million customers and the personal information of 70 million more.

Luckily, the Minn.-based chain has over $100 million of cyber liability insurance, according to sources.

As technology becomes increasingly important for successful business operations, the value of a strong cyber liability insurance policy will only continue to grow. The continued rise in the amount of information stored and transferred electronically has resulted in a remarkable increase in the potential exposures facing businesses. In an age where a stolen laptop or hacked account can instantly compromise the personal data of thousands of customers, or an ill-advised post on a social media site can be read by hundreds in a matter of minutes, protecting yourself from cyber liability is just as important as some of the more traditional exposures businesses account for in their commercial general liability (CGL) policies.

Whereas CGL, commercial property and commercial theft policies can cover damage to your tangible property, none of these will provide coverage for loss of data, which is considered intangible. Intangible property values often far outweigh tangible property, making cyber liability coverage a no-brainer if you maintain a strong online presence or handle a customers private information.

A typical cyber liability policy can help protect you from costs associated with a data breach, copyright or trademark infringement, data loss due to natural disasters or hacking and business interruption.

New technological exposures continue to emerge. As your business grows, make sure your cyber liability coverage grows with it. Aiken & Company, Inc. "Since 1914" is here to help you analyze your needs and make the right coverage decisions to protect your operations from unnecessary risk.

      Healthcare Cyber Risk and Solutions

Cyber risk has become a leading issue for many organizations as awareness of cloud computing, social media, corporate Bring Your Own Devise policies, big data, and state- sponsored espionage has grown and recently been amplified by President Obama's Cybersecurity Executive Order. In an increasingly punitive legal and regulatory environment, and in the face of more frequent contractual insurance requirements specifying cyber liability, forward-thinking companies are taking proactive steps to explore and transfer cyber risk

Organizations should be concerned about cyber risk if they:

  • Gather, maintain, disseminate or store private information

  • Have a high degree of dependency on electronic processes or computer networks

  • Engage vendors, independent contractors or additional service providers

  • Are subject to regulatory statutes

  • Are required to comply with PCI Security Standards/Plastic Card Security statutes

  • Are concerned about contingent bodily injury and property damage that may result from cyber incidents

  • Rely on or operate critical infrastructure (Personally Identifiable Information risk are less prominent for industries such as utilities, manufacturing and logistics)

  • Are concerned about intentional acts by rogue employees

  • Extensive amounts of Personally Identifiable Information (PII) and Protected Health Information (PHI) transmitted and stored on system

  • Mobile and tablet computing in offices/hospitals

  • Heavy dependencies on outsourced service providers such as payment processors and laboratory test processing partially due to budgetary pressures

  • Complex chain of liability from providers, payors, third party administrators, technology or hardware firms, pharmacy benefit managers, outsourced network service providers and data storage firms

  • Many users leaving door open to human error

  • Network systems typically allow multiple points of access (including outsourced vendors)

  • Creation and implementation of Electronic Health Records (EHRs) and Personal Health Records (PHRs)

  • Sharing of health information with a variety of providers, including specialists

Coverage A

Information Security and Privacy Liability provides protection to the policyholder for any claim which arises because of violation of a privacy law, such as:

1. Theft, loss or unauthorized disclosure of personally identifiable non-public information (such as social security numbers, debit or credit card numbers, personal identification numbers (PINs), driver’s license number, etc);

2. Failure of computer security to prevent a security breach;

3. Policyholder’s failure to disclose either 1 or 2 in violation of a breach notice law;

4. Failure to comply with a privacy policy;

5. Failure to administer an identity theft program.

Coverage B (see below)

Coverage C

Regulatory Defense and Penalties provides coverage for any regulatory proceeding brought against the policyholder because of an unauthorized disclosure, security breach or failure to disclose such acts in violation of a breach notice law. 

Coverage D

First Party Network Business Interruption provides coverage for any income loss and any extra expense which is a direct result of the failure of computer systems because of a security breach. 

Coverage E

Website Media Content Liability provides coverage for any claim which arises because of any display of any electronic information on the policyholder’s website.

Coverage F

PCI Fines, Expenses and Costs provides protection for any fines or costs which arise under the terms of a merchant services agreement (an agreement between a policyholder and a financial institution which governs the use of credit/debit cards).

Coverage G

Cyber Extortion provides reimbursement to the policyholder for losses that result from a threat to alter, destroy, damage, delete or release electronic data, including patient, business and personal information and software.

Coverage H

First Party Data Protection provides reimbursement for losses resulting from the damage to, or inability to access a data asset as a result of a computer security failure.

Coverage I

Practitioner Regulatory Liability provides coverage for any claim which arises from an alleged error or omission involving: billing errors, self-referrals, violations of the Health Insurance Portability and Accountability Act and/or the Emergency Medical Treatment and Labor Act.