Cyber and CGL Insurance Coverage for Data Breach Claims

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Cyber and CGL Insurance Coverage for Data Breach Claims"

Transcription

1 Cyber and CGL Insurance Coverage for Data Breach Claims Paula Weseman Theisen, Partner Data breach overview Definition of data breach/types Data breach costs Data breach legal claims and damages Cyber-insurance policies First-party and third-party coverages Sample provisions/limitations/exclusions CGL coverage for data-breach claims Coverage A: Property Damage Coverage B: Personal Injury (Privacy) 1

2 What is a data breach? A security incident in which private or confidential data is either lost or accessed/obtained by an unauthorized person Physical loss of computer hardware (laptops, backup tapes, etc.) System failure that inadvertently allows a confidential information to be accessed or viewed A deliberate attack on a company s network by criminal hackers Recall Total Information Management, Inc. v. Federal Ins. Co., 83 A.3d 664 (Conn. Ct. App. 2014) Travelers Indem. Co. of Am. V. Portal Healthcare Solutions, LLC, 2014 WL (E.D. Va.) Zurich Am. Inc. Co. v. Sony Corp. of Am., 3/4/14 So-Ordered Transcript No /11. N.Y. Sup. Ct., N.Y. Cty.; Target; Neiman Marcus; etc. Data-breach costs (first party) Forensic expenses Discovery and scope of breach Identifying what data was accessed/downloaded Re-securing the network Downtime/lost business Notice expenses PR/damage control Required notices Legal expense Breach response Regulatory investigations 2

3 Data-breach claims/damages (third-party) Consumer Claims Risk of identity theft Costs of credit-report monitoring Costs of cancelling cards and loss of use of cards pending replacement Unreimbursed fraudulent charges Loss of time changing account numbers, passwords, etc. Financial Institution Claims Cost of replacing/mailing cards Financial losses from fraudulent charges Staff and temporary employee time to identify affected accounts, notify account holders and respond to inquiries Third-party claims for data breaches Negligence Breach of implied contract Breach of contract (third-party beneficiary of PCI contracts) Breach of warranty Misrepresentation Invasion of privacy Unfair business practices act violations Violation of notification statutes Violations of SCA, FDCPA, FCRA, etc. 3

4 Cyber-Liability Insurance Limit Retention A. Information Security and Privacy $15,000,000* $500,000 B. Privacy Breach Response Services $1,000,000** $20,000 C. Regulatory Defense and Penalties $5,000,000* $500,000 D. Website Media Liability $15,000,000* $500,000 E. Crisis Management & PR $250,000* $5,000 F. PCI Fines and Costs $1,000,000* $500,000 G. Cyber Extortion $15,000,000* $500,000 H. Network Business Interruption $15,000,000* $500,000 Information Security and Privacy Insurer will pay Damages and Claim Expenses in excess of the Retention that the Insured is legally obligated to pay because of any claim first made during the policy period for: Theft, loss or unauthorized disclosure of Personally Identifiable Private Information in the care, custody or control of the Insured An incident resulting from the failure of Computer Security to prevent a Security Breach involving: Failure to prevent transmission of Malicious Code to Third Party Computer Systems; Participation by the Computer System in a DOS Attack against a Third Party Computer System Failure to timely disclose a Data Breach Incident Failure to comply with a Privacy Policy that prohibits or restricts the Insured s disclosure, sharing or selling of PIPI Merchant Services Agreement fines/penalties resulting from both noncompliance with PCI DSS and a data breach caused by the above 4

5 Privacy Breach Response Services Costs incurred: For a computer security expert to determine the existence and cause of a data breach resulting in actual or reasonably suspected theft, loss or unauthorized disclosure of PIPI which may require the Insured to comply with a Breach Notice Law Up to $50,000 for a CSE to demonstrate the Insured s ability to prevent a future data breach as required by a Merchant Service Agreement Attorneys fees to determine the applicability of and actions necessary to comply with a breach notice law due to reasonably suspected theft, loss or unauthorized disclosure of PIPI Limitations/Exclusions Damages: Does not include fees, costs or other amounts the Insured is required to pay under a Merchant Services Agreement Merchant Services Agreement means any agreement between an Insured and a financial institution, credit/debit card company, credit/debit card processor or independent service operator enabling an Insured to accept credit card, debit card, prepaid card, or other payment cards for payments or donations. No coverage for: BI/PD Contractual liability/breach of contract Unlawful collection or retention of PIPI Intentional breach or violation of privacy law (defense costs) Except for Privacy Breach Response and Regulatory Defense and Penalties, claims by the FTC, FCC or other federal or state governmental entities 5

6 Do CGL policies cover data-breach liability? Most business still do not purchase cyber-coverage Understanding of risk/exposure Cost» $25-50,000 per million (larger policyholders)» $15-20,000 per million (smaller insureds) The cyber-insurance limits were inadequate, the right coverages were not purchased or there is a coverage defense CGL Insuring Provisions Coverage A: Property damage Insuring agreement Property damage definition Damages the insured is legally obligated to pay because of property damage (during the policy period caused by an occurrence). 1. Physical damage to tangible property; 2. Loss of use of tangible property that was not physically damaged 6

7 Property Damage Definition: Electronic Data Tangible Property Electronic data is not tangible property. Electronic data means information, facts or programs stored as or on, created or used on, or transmitted to or from, computer software, including systems and applications software, hard or floppy disks, CD-ROMS, tapes, drives, cells, data processing devices or any other media which are used with electronically controlled equipment. Data vs. media distinction Loss of use of credit/debit card Electronic data exclusion Damages arising out of the loss of, loss of use of damage to, corruption or inability to access, or inability to manipulate electronic data. Electronic data means information, facts or programs stored as or on, created or used on, or transmitted to or from computer software, including systems and applications software, hard or floppy disks, CD-ROMS, tapes, drives, cells, data processing devices or any other media which are used with electronically controlled equipment. 7

8 Other Coverage A Exclusions Any "property damage" to personal property in the care, custody or control of any "Insured," loaned to any "Insured," or used by any "Insured," or as to which any "Insured" is for any purpose exercising physical control. Liability arising out of a violation of the [TCPA, Can_SPAM Act] or any act that violates any other statute, ordinance or regulation of any federal, [or] state government that prohibits or limits the sending, transmitting or communicating of material or information. Property Damage Caselaw Pennsylvania State Employees Credit Union v. Fifth Third Bank, No. 1:CV , 2005 WL (M.D. Pa.), aff d in pertinent part Sovereign Bank v. BJ's Wholesale Club, Inc., 533 F.3d 162 (3d Cir. 2008). [T]he credit and debit cards are tangible personal property. [T]hey are palpable, can be touched, [are] capable of ownership, and endowed with intrinsic value. The intrinsic value of each card is probably not very much, whatever the cost of a blank card is, but it nonetheless has intrinsic value. Id. (emphasis added). IBM was asserting liability for injury to these cards as physical objects to be used for credit or debit transactions, the loss of use of these cards for those purposes, but measured by the value of the cards as blanks. 8

9 Recall Total Info. Mgmt. Inc. v. Federal Ins. Co. Recall argued, somewhat hesitantly, that the loss or theft of the tapes themselves constituted property damage. IBM did not claim damages for the cost of the lost tapes or the cart on which they were contained. Instead, the claims for damages related to preventive measures IBM took due to the theft or loss of use of the data on the tapes, not the tapes themselves. This, the court held, is not damage to tangible property. No. X07CV S, 2012 WL (Conn. Super. Ct.), aff d 83 A.3d 664 (Conn. Ct. App. 2014). Coverage B: Personal Injury Damages the insured is legally obligated to pay because of personal and advertising injury. Personal and advertising injury" means injury, including consequential "bodily injury", arising out of one or more of the following offenses: e. Oral or written publication, in any manner, of material that violates a person's right of privacy. Zurich Am. Ins. Co. v. Sony Corp. 9

10 PAULA WESEMAN THEISEN, PARTNER Meagher & Geer PLLP 33 South 6 th Street, Suite 4400 Minneapolis, MN /

Cyber Liability. What School Districts Need to Know

Cyber Liability. What School Districts Need to Know Cyber Liability What School Districts Need to Know Data Breaches Growing In Number Between January 1, 2008 and April 4, 2012 314,216,842 reported records containing sensitive personal information have

More information

Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day

Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day Lloyd s of London (Reuters) May 8, 2000 Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day Rivers Casino, Pittsburgh November 17, 2014

More information

Cyberinsurance: Insuring for Data Breach Risk

Cyberinsurance: Insuring for Data Breach Risk View the online version at http://us.practicallaw.com/2-588-8785 Cyberinsurance: Insuring for Data Breach Risk JUDY SELBY AND C. ZACHARY ROSENBERG, BAKER HOSTETLER LLP, WITH PRACTICAL LAW INTELLECTUAL

More information

Joe A. Ramirez Catherine Crane

Joe A. Ramirez Catherine Crane RIMS/RMAFP PRESENTATION Joe A. Ramirez Catherine Crane RISK TRANSFER VIA INSURANCE Most Common Method Involves Assessment of Risk and Loss Potential Risk of Loss Transferred For a Premium Insurance Contract

More information

Managing Cyber & Privacy Risks

Managing Cyber & Privacy Risks Managing Cyber & Privacy Risks NAATP Conference 2013 NSM Insurance Group Sean Conaboy Rich Willetts SEAN CONABOY INSURANCE BROKER NSM INSURANCE GROUP o Sean has been with NSM Insurance Group for the past

More information

Cyber-insurance: Understanding Your Risks

Cyber-insurance: Understanding Your Risks Cyber-insurance: Understanding Your Risks Cyber-insurance represents a complete paradigm shift. The assessment of real risks becomes a critical part of the analysis. This article will seek to provide some

More information

Cyber Liability Insurance: It May Surprise You

Cyber Liability Insurance: It May Surprise You Cyber Liability Insurance: It May Surprise You Moderator Eugene Montgomery, President & CEO Community Financial Insurance Center Panelists Antonio Trotta, Senior Claim Counsel, CNA Specialty William Heinbokel,

More information

Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014

Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014 Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014 Nikos Georgopoulos Privacy Liability & Data Breach Management wwww.privacyrisksadvisors.com October 2014

More information

INSURANCE COVERAGE FOR CYBER RISKS AND REALITIES September 24, 2013

INSURANCE COVERAGE FOR CYBER RISKS AND REALITIES September 24, 2013 Presenters: Roberta D. Anderson John P. Scordo INSURANCE COVERAGE FOR CYBER RISKS AND REALITIES September 24, 2013 Presentation to the Association of Corporate Counsel Western Pennsylvania Chapter Copyright

More information

plantemoran.com What School Personnel Administrators Need to know

plantemoran.com What School Personnel Administrators Need to know plantemoran.com Data Security and Privacy What School Personnel Administrators Need to know Tomorrow s Headline Let s hope not District posts confidential data online (Tech News, May 18, 2007) In one of

More information

APIP - Cyber Liability Insurance Coverages, Limits, and FAQ

APIP - Cyber Liability Insurance Coverages, Limits, and FAQ APIP - Cyber Liability Insurance Coverages, Limits, and FAQ The state of Washington purchases property insurance from Alliant Insurance Services through the Alliant Property Insurance Program (APIP). APIP

More information

Data Privacy, Security, and Risk Management in the Cloud

Data Privacy, Security, and Risk Management in the Cloud Data Privacy, Security, and Risk Management in the Cloud Diana S. Hare, Associate General Counsel and Chief Privacy Counsel, Drexel University David W. Opderbeck, Counsel, Gibbons P.C. Robin Rosenberg,

More information

Cyber Liability. Michael Cavanaugh, RPLU Vice President, Director of Production Apogee Insurance Group 877-337-3200 Ext. 7029

Cyber Liability. Michael Cavanaugh, RPLU Vice President, Director of Production Apogee Insurance Group 877-337-3200 Ext. 7029 Cyber Liability Michael Cavanaugh, RPLU Vice President, Director of Production Apogee Insurance Group 877-337-3200 Ext. 7029 Today s Agenda What is Cyber Liability? What are the exposures? Reality of a

More information

Network Security & Privacy Landscape

Network Security & Privacy Landscape Network Security & Privacy Landscape Presented By: Greg Garijanian Senior Underwriter Professional Liability 1 Agenda Network Security Overview -Latest Threats - Exposure Trends - Regulations Case Studies

More information

Second Annual Conference September 16, 2015 to September 18, 2015 Chicago, IL

Second Annual Conference September 16, 2015 to September 18, 2015 Chicago, IL Second Annual Conference September 16, 2015 to September 18, 2015 Chicago, IL Using Insurance Coverage to Mitigate Cybersecurity Risks To Warranty and Service Contract Businesses Barry Buchman, Partner

More information

What would you do if your agency had a data breach?

What would you do if your agency had a data breach? What would you do if your agency had a data breach? 80% of businesses fail to recover from a breach because they do not know this answer. Responding to a breach is a complicated process that requires the

More information

Privacy Data Loss. Privacy Data Loss. Identity Theft. The Legal Issues

Privacy Data Loss. Privacy Data Loss. Identity Theft. The Legal Issues Doing Business in Oregon Under the Oregon Consumer Identity Theft Protection Act and Related Privacy Risks Privacy Data Loss www.breachblog.com Presented by: Mike Porter March 10, 2009 2 Privacy Data Loss

More information

CYBERSECURITY: THREATS, SOLUTIONS AND PROTECTION. Robert N. Young, Director Carruthers & Roth, P.A. Email: rny@crlaw.com Phone: (336) 478-1131

CYBERSECURITY: THREATS, SOLUTIONS AND PROTECTION. Robert N. Young, Director Carruthers & Roth, P.A. Email: rny@crlaw.com Phone: (336) 478-1131 CYBERSECURITY: THREATS, SOLUTIONS AND PROTECTION Robert N. Young, Director Carruthers & Roth, P.A. Email: rny@crlaw.com Phone: (336) 478-1131 TOPICS 1. Threats to your business s data 2. Legal obligations

More information

Data Breach and Senior Living Communities May 29, 2015

Data Breach and Senior Living Communities May 29, 2015 Data Breach and Senior Living Communities May 29, 2015 Todays Objectives: 1. Discuss Current Data Breach Trends & Issues 2. Understanding Why The Senior Living Industry May Be A Target 3. Data Breach Costs

More information

Zurich Security And Privacy Protection Policy Application

Zurich Security And Privacy Protection Policy Application Zurich Security And Privacy Protection Policy Application COVERAGE A. AND COVERAGE F. OF THE POLICY FOR WHICH YOU ARE APPLYING IS WRITTEN ON A CLAIMS FIRST MADE AND REPORTED BASIS. ONLY CLAIMS FIRST MADE

More information

Insurance Coverage Issues Implicated in Data Breach Claims

Insurance Coverage Issues Implicated in Data Breach Claims Insurance Coverage Issues Implicated in Data Breach Claims Alex E. Potente Sedgwick LLP San Francisco, CA (415) 627-3453 Alex.Potente@sedgwicklaw.com James H. Kallianis, Jr. Meckler Bulger Tilson Marick

More information

3/4/2015. Scope of Problem. Data Breaches A Daily Phenomenon. Cybersecurity: Minimizing Risk & Responding to Breaches. Anthem.

3/4/2015. Scope of Problem. Data Breaches A Daily Phenomenon. Cybersecurity: Minimizing Risk & Responding to Breaches. Anthem. Cybersecurity: Minimizing Risk & Responding to Breaches March 5, 2015 Andy Chambers Michael Kelly Jimmie Pursell Scope of Problem Data Breaches A Daily Phenomenon Anthem JP Morgan / Chase Sony Home Depot

More information

INFORMATION SECURITY & PRIVACY INSURANCE WITH BREACH RESPONSE SERVICES

INFORMATION SECURITY & PRIVACY INSURANCE WITH BREACH RESPONSE SERVICES INFORMATION SECURITY & PRIVACY INSURANCE WITH BREACH RESPONSE SERVICES NOTICE: INSURING AGREEMENTS I.A., I.C. AND I.D. OF THIS POLICY PROVIDE COVERAGE ON A CLAIMS MADE AND REPORTED BASIS AND APPLY ONLY

More information

PROFESSIONAL RISK PRIVACY CLAIMS SCENARIOS

PROFESSIONAL RISK PRIVACY CLAIMS SCENARIOS PROFESSIONAL RISK PRIVACY CLAIMS SCENARIOS The following claim scenarios are hypothetical and are offered solely to illustrate the types of situations that may result in claims. Although sorted by industry,

More information

Tools Conference Toronto November 26, 2014 Insurance for NFP s. Presented by Paul Spark HUB International HKMB Limited

Tools Conference Toronto November 26, 2014 Insurance for NFP s. Presented by Paul Spark HUB International HKMB Limited Tools Conference Toronto November 26, 2014 Insurance for NFP s Presented by Paul Spark HUB International HKMB Limited Topics Insurance Policies Basics Directors and Officers Liability Insurance Commercial

More information

Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer?

Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer? Minnesota Society for Healthcare Risk Management September 22, 2011 Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer? Melissa Krasnow, Partner, Dorsey & Whitney, and Certified Information

More information

RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION

RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION October 23, 2015 THREAT ENVIRONMENT Growing incentive for insiders to abuse access to sensitive data for financial gain Disgruntled current and former

More information

SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry

SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry DATA BREACH A FICTIONAL CASE STUDY THE FIRST SIGNS OF TROUBLE Friday, 5.20 pm :

More information

INFORMATION SECURITY AND PRIVACY INSURANCE WITH ELECTRONIC MEDIA LIABILITY COVERAGE. I. GENERAL INFORMATION Full Name:

INFORMATION SECURITY AND PRIVACY INSURANCE WITH ELECTRONIC MEDIA LIABILITY COVERAGE. I. GENERAL INFORMATION Full Name: INFORMATION SECURITY AND PRIVACY INSURANCE WITH ELECTRONIC MEDIA LIABILITY COVERAGE NOTICE: COVERAGE UNDER THIS POLICY IS PROVIDED ON A CLAIMS MADE AND REPORTED BASIS AND APPLIES ONLY TO CLAIMS FIRST MADE

More information

Cyber and data Policy wording

Cyber and data Policy wording Please read the schedule to see whether Breach costs, Cyber business interruption, Hacker damage, Cyber extortion, Privacy protection or Media liability are covered by this section. The General terms and

More information

Insurance for Data Breaches in the Hospitality Industry

Insurance for Data Breaches in the Hospitality Industry The Academy of Hospitality Industry Attorneys The Pl Palmer House Hilton Chicago, IL April 25, 2014 Insurance for Data Breaches in the Hospitality Industry Presenters: David P. Bender, Jr. dbender@andersonkill.com

More information

Cyber Insurance and Your Data Ted Claypoole, Partner, Womble Carlyle and Jack Freund, PhD, InfoSec Mgr, TIAA-CREF

Cyber Insurance and Your Data Ted Claypoole, Partner, Womble Carlyle and Jack Freund, PhD, InfoSec Mgr, TIAA-CREF Cyber Insurance and Your Data Ted Claypoole, Partner, Womble Carlyle and Jack Freund, PhD, InfoSec Mgr, TIAA-CREF October 9, 2013 1 Cyber Insurance Why? United States Department of Commerce: Cyber Insurance

More information

Data Breach Cost. Risks, costs and mitigation strategies for data breaches

Data Breach Cost. Risks, costs and mitigation strategies for data breaches Data Breach Cost Risks, costs and mitigation strategies for data breaches Tim Stapleton, CIPP/US Deputy Global Head of Professional Liability Zurich General Insurance Data Breaches: Greater frequency,

More information

Understanding the Business Risk

Understanding the Business Risk AAPA Cybersecurity Seminar Andaz Savannah Hotel March 11, 2015 10:30 am Noon Understanding the Business Risk Presenter: Joshua Gold, Esq. (212) 278-1886 jgold@andersonkill.com Disclaimer The views expressed

More information

Cyber Insurance What is it? Should your bank purchase it? Roberta D. Anderson Partner, K&L Gates LLP roberta.anderson@klgates.

Cyber Insurance What is it? Should your bank purchase it? Roberta D. Anderson Partner, K&L Gates LLP roberta.anderson@klgates. Cyber Insurance What is it? Should your bank purchase it? Roberta D. Anderson Partner, K&L Gates LLP roberta.anderson@klgates.com March 8, 2016 AGENDA Spectrum of Cyber Risk Cutting Edge Cyber Insurance

More information

Cyber Liability. AlaHA Annual Meeting 2013

Cyber Liability. AlaHA Annual Meeting 2013 Cyber Liability AlaHA Annual Meeting 2013 Disclaimer We are not providing legal advise. This Presentation is a broad overview of health care cyber loss exposures, the process in the event of loss and coverages

More information

Privacy Rights Clearing House

Privacy Rights Clearing House 10/13/15 Cybersecurity in Education What you face as educational organizations How to Identify, Monitor and Protect Presented by Jamie Gershon Sr. Vice President Education Practice Group 1 Privacy Rights

More information

IRONSHORE SPECIALTY INSURANCE COMPANY 75 Federal St. Boston, MA 02110 Toll Free: (877) IRON411

IRONSHORE SPECIALTY INSURANCE COMPANY 75 Federal St. Boston, MA 02110 Toll Free: (877) IRON411 IRONSHORE SPECIALTY INSURANCE COMPANY 75 Federal St. Boston, MA 02110 Toll Free: (877) IRON411 Enterprise PrivaProtector 9.0 Network Security and Privacy Insurance Application THE APPLICANT IS APPLYING

More information

GALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability

GALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability GALLAGHER CYBER LIABILITY PRACTICE Tailored Solutions for Cyber Liability and Professional Liability Are you exposed to cyber risk? Like nearly every other business, you have probably capitalized on the

More information

Enterprise PrivaProtector 9.0

Enterprise PrivaProtector 9.0 IRONSHORE INSURANCE COMPANIES 75 Federal St Boston, MA 02110 Toll Free: (877) IRON411 Enterprise PrivaProtector 9.0 Network Security and Privacy Insurance Application THE APPLICANT IS APPLYING FOR A CLAIMS

More information

CYBER INSURANCE. Cyber Insurance and Gaps in Traditional Insurance. Cyber and E&O Team Willis FINEX North America

CYBER INSURANCE. Cyber Insurance and Gaps in Traditional Insurance. Cyber and E&O Team Willis FINEX North America CYBER INSURANCE Cyber Insurance and Gaps in Traditional Insurance Cyber and E&O Team Willis FINEX North America Privacy & Network Security (Cyber) Insurance COVERAGE MODULES Privacy Expense Consumer Notification

More information

Internet Gaming: The New Face of Cyber Liability. Presented by John M. Link, CPCU Cottingham & Butler

Internet Gaming: The New Face of Cyber Liability. Presented by John M. Link, CPCU Cottingham & Butler Internet Gaming: The New Face of Cyber Liability Presented by John M. Link, CPCU Cottingham & Butler 1 Presenter John M. Link, Vice President jlink@cottinghambutler.com 2 What s at Risk? $300 billion in

More information

Privacy / Network Security Liability Insurance Discussion. January 30, 2013. Kevin Violette RT ProExec

Privacy / Network Security Liability Insurance Discussion. January 30, 2013. Kevin Violette RT ProExec Privacy / Network Security Liability Insurance Discussion January 30, 2013 Kevin Violette RT ProExec 1 Irrefutable Laws of Information Security 1) Information wants to be free People want to talk, post,

More information

CYBER & PRIVACY LIABILITY INSURANCE GUIDE

CYBER & PRIVACY LIABILITY INSURANCE GUIDE CYBER & PRIVACY LIABILITY INSURANCE GUIDE 01110000 01110010 011010010111011001100001 01100 01110000 01110010 011010010111011001100001 0110 Author Gamelah Palagonia, Founder CIPM, CIPT, CIPP/US, CIPP/G,

More information

INFORMATION SECURITY & PRIVACY INSURANCE WITH ELECTRONIC MEDIA LIABILITY APPLICATION

INFORMATION SECURITY & PRIVACY INSURANCE WITH ELECTRONIC MEDIA LIABILITY APPLICATION INFORMATION SECURITY & PRIVACY INSURANCE WITH ELECTRONIC MEDIA LIABILITY APPLICATION NOTICE: COVERAGE UNDER THIS POLICY IS PROVIDED ON A CLAIMS MADE AND REPORTED BASIS AND APPLIES ONLY TO CLAIMS FIRST

More information

TRENDS IN CYBER LIABILITY Presented by Chris DiIenno Data Privacy and Network Security Group Lewis Brisbois Bisgaard & Smith

TRENDS IN CYBER LIABILITY Presented by Chris DiIenno Data Privacy and Network Security Group Lewis Brisbois Bisgaard & Smith TRENDS IN CYBER LIABILITY Presented by Chris DiIenno Data Privacy and Network Security Group Lewis Brisbois Bisgaard & Smith Types of Data at Stake Residents, constituents, employees PII Personally Identifiable

More information

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements Greater New York Chapter Association of Corporate Counsel November 19, 2015 Stephen D. Becker, Executive Vice President

More information

Data security: A growing liability threat

Data security: A growing liability threat Data security: A growing liability threat Data security breaches occur with alarming frequency in today s technology-laden world. Even a comparatively moderate breach can cost a company millions of dollars

More information

Data Security: Risks, Compliance and How to be Prepared for a Breach

Data Security: Risks, Compliance and How to be Prepared for a Breach Data Security: Risks, Compliance and How to be Prepared for a Breach Presented by: Sandy B. Garfinkel, Esq. The Data Breach Reality: 2015 AshleyMadison.com (July 2015) Member site facilitating personal

More information

CYBER 3.0. CUTTING-EDGE ADVANCEMENTS IN INSURANCE COVERAGE FOR CYBER RISK AND REALITY SFOR005 Speakers:

CYBER 3.0. CUTTING-EDGE ADVANCEMENTS IN INSURANCE COVERAGE FOR CYBER RISK AND REALITY SFOR005 Speakers: CYBER 3.0 CUTTING-EDGE ADVANCEMENTS IN INSURANCE COVERAGE FOR CYBER RISK AND REALITY SFOR005 Speakers: Roberta D. Anderson, Partner, K&L Gates LLP Timothy Flaherty, Manager, Insurance Risk Management,

More information

Cyber Liability & Data Breach Insurance Claims

Cyber Liability & Data Breach Insurance Claims Cyber Liability & Data Breach Insurance Claims A Study of Actual Payouts for Covered Data Breaches Mark Greisiger President NetDiligence June 2011 Last year, privacy breaches ran about 1-2 per week. This

More information

Why Buy Cyber and Privacy Liability When You Have a Perfectly Good Commercial General Liability Program?

Why Buy Cyber and Privacy Liability When You Have a Perfectly Good Commercial General Liability Program? Why Buy Cyber and Privacy Liability When You Have a Perfectly Good Commercial General Liability Program? July 2014 Lockton Companies Cyber and Privacy Liability insurance programs have grown in popularity

More information

cyber invasions cyber risk insurance AFP Exchange

cyber invasions cyber risk insurance AFP Exchange Cyber Risk With cyber invasions now a common place occurrence, insurance coverage isn t found in your liability policy. So many different types of computer invasions exist, but there is cyber risk insurance

More information

Black Hats, Firewalls, and Data Loss: Insurers Confront Data Breach Litigation

Black Hats, Firewalls, and Data Loss: Insurers Confront Data Breach Litigation Thomas W. Curvin Phillip E. Stano Mark Thibodeaux Tracey K. Ledbetter December 9, 2014 Black Hats, Firewalls, and Data Loss: Insurers Confront Data Breach Litigation INSURANCE AND FINANCIAL SERVICES LITIGATION

More information

ELECTRONIC DATA LIABILITY COVERAGE FORM

ELECTRONIC DATA LIABILITY COVERAGE FORM COMMERCIAL GENERAL LIABILITY CG 00 65 12 04 ELECTRONIC DATA LIABILITY COVERAGE FORM SECTION I THIS FORM PROVIDES CLAIMS-MADE COVERAGE PLEASE READ THE ENTIRE FORM CAREFULLY Various provisions in this policy

More information

THIS ENDORSEMENT CHANGES THE POLICY. PLEASE READ IT CAREFULLY.

THIS ENDORSEMENT CHANGES THE POLICY. PLEASE READ IT CAREFULLY. THIS ENDORSEMENT CHANGES THE POLICY. PLEASE READ IT CAREFULLY. NETWORK SECURITY ENDORSEMENT INTEGRATED TECH CLAIMS MADE CLAIM EXPENSES INCLUDED WITHIN THE LIMITS OF INSURANCE This endorsement modifies

More information

THE ANATOMY OF A CYBER POLICY. Jamie Monck-Mason & Andrew Hill

THE ANATOMY OF A CYBER POLICY. Jamie Monck-Mason & Andrew Hill THE ANATOMY OF A CYBER POLICY Jamie Monck-Mason & Andrew Hill What s in a name? Lack of uniformity in policies: Cyber Cyber liability Data protection Tech PI The scope of cyber insurance First party coverage

More information

Prepare for the Worst: Best Practices for Responding to Cybersecurity Breaches Trivalent Solutions Expo June 19, 2014

Prepare for the Worst: Best Practices for Responding to Cybersecurity Breaches Trivalent Solutions Expo June 19, 2014 Prepare for the Worst: Best Practices for Responding to Cybersecurity Breaches Trivalent Solutions Expo June 19, 2014 2014, Mika Meyers Beckett & Jones PLC All Rights Reserved Presented by: Jennifer A.

More information

Cyber Threats: Exposures and Breach Costs

Cyber Threats: Exposures and Breach Costs Issue No. 2 THREAT LANDSCAPE Technological developments do not only enhance capabilities for legitimate business they are also tools that may be utilized by those with malicious intent. Cyber-criminals

More information

Merchants Must Be Aware of Potentially Mishandled Credit Card Information

Merchants Must Be Aware of Potentially Mishandled Credit Card Information Merchants Must Be Aware of Potentially Mishandled Credit Card Information Jason Wright and Kevin Lyles Data security breaches are on the rise. A majority of states have enacted security breach notification

More information

Cyber Risks in Italian market

Cyber Risks in Italian market Cyber Risks in Italian market Milano, 01.10.2014 Forum Ri&Assicurativo Gianmarco Capannini Agenda 1 Cyber Risk - USA 2 Cyber Risk Europe experience trends Market size and trends Market size and trends

More information

Website & Email Hosting Terms & Conditions

Website & Email Hosting Terms & Conditions Website & Email Hosting Terms & Conditions 1-PARTIES Web Hosting Services are provided by TimeForCake Creative Media, Inc. ("TimeForCake") to Client conditional on the terms and conditions set forth below

More information

Cordova Telephone Cooperative/Cordova Wireless Communications. Internet Service Agreement

Cordova Telephone Cooperative/Cordova Wireless Communications. Internet Service Agreement Cordova Telephone Cooperative/Cordova Wireless Communications This agreement governs the terms and conditions under which Cordova Telephone Cooperative, Inc., operating under the service mark ctcak.net;

More information

First Northern Bank and Trust Co. Business Online Banking Application

First Northern Bank and Trust Co. Business Online Banking Application First Northern Bank and Trust Co. Business Online Banking Application Company Name Tax ID: Address City State ZipCode Contact Name Title Phone # Email Address Fax # Please select the following services

More information

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation View the online version at http://us.practicallaw.com/7-523-1520 Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation Melissa J. Krasnow, Dorsey & Whitney LLP

More information

April 10, 2015 FLANNER HOUSE OF INDIANAPOLIS INC FLANNER HOUSE ELEMENTARY 2424 DR MARTIN LUTHER KING ST INDIANAPOLIS IN 46208

April 10, 2015 FLANNER HOUSE OF INDIANAPOLIS INC FLANNER HOUSE ELEMENTARY 2424 DR MARTIN LUTHER KING ST INDIANAPOLIS IN 46208 Liberty Mutual Insurance Processing Center PO Box 515097 Los Angeles, CA 90051-5097 April 10, 2015 FLANNER HOUSE OF INDIANAPOLIS INC FLANNER HOUSE ELEMENTARY 2424 DR MARTIN LUTHER KING ST INDIANAPOLIS

More information

The Insurance Coverage Law Information Center

The Insurance Coverage Law Information Center The following article is from National Underwriter s latest online resource, FC&S Legal: The Insurance Coverage Law Information Center. The Insurance Coverage Law Information Center VIRUSES, TROJANS AND

More information

Cyber Risks Management. Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor

Cyber Risks Management. Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor Cyber Risks Management Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor 1 Contents Corporate Assets Data Breach Costs Time from Earliest Evidence of Compromise to Discovery of Compromise The Data Protection

More information

Managing Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec

Managing Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec Managing Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec Jeremy Ong Divisional Vice-President Great American Insurance Company November 13, 2010 1 Agenda Overview of data breach statistics

More information

HIGHLIGHTS OF THE ERRORS AND OMISSIONS INSURANCE PROGRAM

HIGHLIGHTS OF THE ERRORS AND OMISSIONS INSURANCE PROGRAM HIGHLIGHTS OF THE ERRORS AND OMISSIONS INSURANCE PROGRAM For the Agents of Midland National Life Insurance Company and the Agents of North American Company for Life and Health Insurance 2008-2009 Insurer

More information

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation Melissa J. Krasnow, Dorsey & Whitney LLP A Note discussing written information security programs (WISPs)

More information

General Terms and Conditions (GTC)

General Terms and Conditions (GTC) General Terms and Conditions (GTC) General Terms and conditions of the Internet portal swissbiotech.org, valid from 01.11.2011 Table of contents 1 Contracting parties... 1 2 Registration and use of services...

More information

DATA BREACH COVERAGE

DATA BREACH COVERAGE THIS ENDORSEMENT CHANGES THE POLICY. PLEASE READ THIS CAREFULLY. DATA BREACH COVERAGE SCHEDULE OF COVERAGE LIMITS Coverage Limits of Insurance Data Breach Coverage $50,000 Legal Expense Coverage $5,000

More information

TERMS OF SERVICE TELEPORT REQUEST RECEIVERS

TERMS OF SERVICE TELEPORT REQUEST RECEIVERS TERMS OF SERVICE These terms of service and the documents referred to in them ( Terms ) govern your access to and use of our services, including our website teleportapp.co ( our site ), applications, buttons,

More information

Insurers Not Obligated to Defend in ZIP Code Coverage Suits

Insurers Not Obligated to Defend in ZIP Code Coverage Suits Insurers Not Obligated to Defend in ZIP Code Coverage Suits By Bryana Blessinger Hill & Lamb LLP Portland, Oregon Insurers are increasingly faced with privacy and data-breach related claims. One of the

More information

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation View the online version at http://us.practicallaw.com/7-523-1520 Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation MELISSA J. KRASNOW, DORSEY & WHITNEY LLP

More information

Designation of employee(s) in charge of the program; Identifying and assessing risks/threats and evaluating and improving

Designation of employee(s) in charge of the program; Identifying and assessing risks/threats and evaluating and improving PRIVACY & DATA SECURITY LAW JOURNAL MASSACHUSETTS On September 22, 2008, Massachusetts adopted regulations that will require businesses, wherever located, that own, license, store, or maintain information

More information

CyberSecurity for Law Firms

CyberSecurity for Law Firms CyberSecurity for Law Firms Cracking the Cyber Code: Recent Headlines, Reinforcing the Need and Response Planning July 16, 2013 Making the Case Matthew Magner Senior Underwriting Officer Chubb & Son, a

More information

Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re

Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re Global Warning It is a matter of time before there is a major cyber attackon the global financial system and the public needs to invest heavily in

More information

Protecting Personal Information: The Massachusetts Data Security Regulation (201 CMR 17.00)

Protecting Personal Information: The Massachusetts Data Security Regulation (201 CMR 17.00) Protecting Personal Information: The Massachusetts Data Security Regulation (201 CMR 17.00) May 15, 2009 LLP US Information Security Framework Historically industry-specific HIPAA Fair Credit Reporting

More information

Sycamore Leaf Solutions LLC

Sycamore Leaf Solutions LLC Sycamore Leaf Solutions LLC Terms of Service Terms of Service The Terms of Service for Sycamore Leaf Solutions ("Terms of Service") are effective immediately upon the User's acceptance of the Terms of

More information

Coverage for Cyber-Liability Under Existing Policies

Coverage for Cyber-Liability Under Existing Policies Guild Yule LLP Coverage for Cyber-Liability Under Existing Policies September 19, 2014 Adam Howden-Duke This paper is intended to give general information about legal topics and is not a compete statement

More information

The Matrix Reloaded: Cybersecurity and Data Protection for Employers. Jodi D. Taylor

The Matrix Reloaded: Cybersecurity and Data Protection for Employers. Jodi D. Taylor The Matrix Reloaded: Cybersecurity and Data Protection for Employers Jodi D. Taylor Why Talk About This Now? Landscape is changing Enforcement by federal and state governments on the rise Legislation on

More information

COLOCATION AGREEMENT. 1. Term and Payment for Services

COLOCATION AGREEMENT. 1. Term and Payment for Services COLOCATION AGREEMENT This Colocation Agreement ( Agreement ) governs your purchase and use of all colocation and related services (the Services ), as described in the Order Form, that you order and Oracast,

More information

Mobile Banking Services Addendum To the Agreement and Disclosure for 24/7 Online Banking A Service of Pendleton Community Bank, Franklin, WV

Mobile Banking Services Addendum To the Agreement and Disclosure for 24/7 Online Banking A Service of Pendleton Community Bank, Franklin, WV Mobile Banking Services Addendum To the Agreement and Disclosure for 24/7 Online Banking A Service of Pendleton Community Bank, Franklin, WV This is an addendum to the Agreement and Disclosure for 24/7

More information

ACCESS TO ACCOUNTS VIA THE INTERNET.

ACCESS TO ACCOUNTS VIA THE INTERNET. Internet Banking Service Agreement Terms and Conditions This Internet Banking Services Agreement Terms and Conditions (Agreement) between you and Glacier Bank govern the use First Security Bank, a Division

More information

Don t Be a Victim to Data Breach Risks Protecting Your Organization From Data Breach and Privacy Risks

Don t Be a Victim to Data Breach Risks Protecting Your Organization From Data Breach and Privacy Risks Don t Be a Victim to Data Breach Risks Protecting Your Organization From Data Breach and Privacy Risks Thank you for joining us. We have a great many participants in today s call. Your phone is currently

More information

Best practices and insight to protect your firm today against tomorrow s cybersecurity breach

Best practices and insight to protect your firm today against tomorrow s cybersecurity breach Best practices and insight to protect your firm today against tomorrow s cybersecurity breach July 8, 2015 Baker Tilly Virchow Krause, LLP Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement ("BA AGREEMENT") supplements and is made a part of any and all agreements entered into by and between The Regents of the University

More information

Tuition Online Banking Agreement and Disclosure

Tuition Online Banking Agreement and Disclosure Tuition Online Banking Agreement and Disclosure I. TUITION ONLINE BANKING Please read carefully the Tuition Online Banking Agreement for First Bank and Trust's ( FBT ) Tuition Online Banking system. The

More information

TechDefender SM. Tech E&O, Network Security, Privacy, Internet Media, and MPL Insurance Application

TechDefender SM. Tech E&O, Network Security, Privacy, Internet Media, and MPL Insurance Application IRONSHORE INSURANCE COMPANIES One State Street Plaza New York, NY 10004 Tel: 646-826-6600 Toll Free: 877-IRON411 TechDefender SM Tech E&O, Network Security, Privacy, Internet Media, and MPL Insurance Application

More information

AGREEMENT FOR ACCESS TO PROTECTED HEALTH INFORMATION BETWEEN WAKE FOREST UNIVERSITY BAPTIST MEDICAL CENTER AND

AGREEMENT FOR ACCESS TO PROTECTED HEALTH INFORMATION BETWEEN WAKE FOREST UNIVERSITY BAPTIST MEDICAL CENTER AND AGREEMENT FOR ACCESS TO PROTECTED HEALTH INFORMATION BETWEEN WAKE FOREST UNIVERSITY BAPTIST MEDICAL CENTER AND THIS AGREEMENT for Access to Protected Health Information ( PHI ) ( Agreement ) is entered

More information

Cyberinsurance for Financial Institutions

Cyberinsurance for Financial Institutions Cyberinsurance for Financial Institutions PRESENTERS Panelists Patrick Cox, CIPP/US, SVP, CPO, LPL Financial Scott Godes, Partner, Barnes and Thornburg LLP Brent Rieth, VP, Team Leader, Financial Services

More information

FINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information

FINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information FINAL May 2005 Guideline on Security Systems for Safeguarding Customer Information Table of Contents 1 Introduction 1 1.1 Purpose of Guideline 1 2 Definitions 2 3 Internal Controls and Procedures 2 3.1

More information

Case 2:13-cv-01887-ES-JAD Document 282-1 Filed 12/09/15 Page 1 of 18 PageID: 4861 THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF NEW JERSEY

Case 2:13-cv-01887-ES-JAD Document 282-1 Filed 12/09/15 Page 1 of 18 PageID: 4861 THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF NEW JERSEY Case 2:13-cv-01887-ES-JAD Document 282-1 Filed 12/09/15 Page 1 of 18 PageID: 4861 THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF NEW JERSEY Federal Trade Commission, Plaintiff, v. Wyndham Worldwide

More information

Terms of Service. 1. Acceptance Of Terms. 2. Use Of Customer Information And Privacy Policy. 3. Ownership Of Site Content

Terms of Service. 1. Acceptance Of Terms. 2. Use Of Customer Information And Privacy Policy. 3. Ownership Of Site Content Terms of Service 1. Acceptance Of Terms IT4Professionals is an Internet-based Web site that offers webdesign, domain name registration, hosting, dynamic DNS, email and sms marketing, PC services and software

More information

TERMS OF USE. Last Updated: October 8, 2015

TERMS OF USE. Last Updated: October 8, 2015 1666 K Street, N.W. Washington, DC 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8430 www.pcaobus.org TERMS OF USE Last Updated: October 8, 2015 This Terms of Use Agreement (this "Agreement") is

More information

ENROLLMENT AGREEMENT FOR QUALIANCE

ENROLLMENT AGREEMENT FOR QUALIANCE ENROLLMENT AGREEMENT FOR QUALIANCE PLEASE READ THE TERMS OF THIS ENROLLMENT AGREEMENT (THIS AGREEMENT ) CAREFULLY BEFORE SUBMITTING YOUR SUBSCRIPTION ORDER THIS AGREEMENT GOVERNS ACCESS TO AND USE BY THE

More information

Managing Cyber Risk through Insurance

Managing Cyber Risk through Insurance Managing Cyber Risk through Insurance Eric Lowenstein Aon Risk Solutions This presentation has been prepared for the Actuaries Institute 2015 ASTIN and AFIR/ERM Colloquium. The Institute Council wishes

More information

Terms and Conditions Mobile Check Deposit

Terms and Conditions Mobile Check Deposit For Mobile Deposits, please: 1. Sign (endorse) your check 2. Under your signature write "For e-deposit only at Market USA" Ex. Joe Member for e-deposit only at Market USA *Please destroy deposited checks

More information