Cyber-Crime Protection

Transcription

1 Cyber-Crime Protection A program of cyber-crime prevention, data breach remedies and data risk liability insurance for houses of worship, camps, schools, denominational/association offices and senior living communities.

2 Cyber breaches and subsequent liability risks are top of mind across all industries, including houses of worship, schools, camps and senior living communities. If you use computers and servers and collect private information, you are at risk for any number of threats, including: Hackers Malware and viruses Staff error System glitches Theft Church Mutual is here to help To help better protect our customers, we re working with CMIC Specialty Services and Identity Fraud Inc. to provide cyber liability insurance, breach response remedies, business identity protection and other related data theft risk management services. The program is offered through either individual policies or master policies, with each participating policyholder receiving a certificate where appropriate. This streamlined method allows Church Mutual customers to purchase coverages and related services at favorable pricing. The program is available at two levels Core Cyber and SB Core Protector. 2 3

3 Core Cyber This first level includes five broad areas of prevention measures and insurance: 1. Data risk liability insurance Coverage is provided for: Any event that has resulted in, or could reasonably result in, the fraudulent use of private information Loss or theft of personal and/or business data both electronic and paper Failure to disclose/notify affected parties per breach notification laws Regulatory fines and penalties Payment Card Industry/Data Security Standard fines and penalties (up to a $250,000 sublimit) Internet media liability, including copyright infringement, plagiarism, theft of ideas, invasion of privacy, defamation, slander, negligent infliction of emotional distress and more Other related court judgments and settlements Available limits range from $50,000 to $1,000,000 per annual term. For limits below $500,000, there is a $1,000 retention (deductible). For limits at or above $500,000, the retention is $2, Data breach response remedies Covers expenses related to a breach in data, which include: e-business network interruption Loss of business income Reconstruction of data Cyber extortion Forensic investigation/audits Crisis management Legal consultation Public relations Notifications/mailings Remedies for identity theft education and assistance Victim cost reimbursement insurance Credit file or identity monitoring The data breach coverage limit is 50% of the data risk liability limit you purchase, up to a maximum of $250,000. A $1,000 retention applies. 4 5

4 3. Incident Response On-Demand Around-the-clock access to experts who will assist you with: Incident analysis to determine if a data breach occurred and if sensitive data was lost Strategic planning of the response Notification of the data breach to those whose information was compromised in the breach. This includes assistance in creation of the notification, address verification and mailing services. Victim resolution services, such as a telephone hotline to answer questions and concerns Consumer identity protection, such as credit monitoring Incident Response On-Demand services and covered expenses are subject to the data breach sublimits. 4. Identity protection for all full-time employees If any of your full-time employees become individual victims of identity fraud or identity theft, they receive coverage for: Reasonable legal fees for defense, removal of judgments and contesting of incomplete or inaccurate records Lost wages while taking time off work to resolve an incident, up to $2,000 Other expenses, such as communications with institutions, credit card monitoring and personal records monitoring Assistance with responding to the fraud or theft The annual limit per employee is $15,000. There is no deductible. 5. Risk management services and education module Help prevent yourself from becoming a victim of cyber crime with the following risk management tools: Computer vulnerability scans (internal assessments) Mobile device vulnerability scans Online training modules for employee education, information security and technology Keystroke encryption software (downloadable) Sample incident response plans 6 7

5 SB Core Protector This second, more robust, level adds Business Identity Protection to the Core Cyber plan. The program helps you promptly learn of potential business identity fraud through: Business credit monitoring and alerts Business cyber monitoring, which scans the Internet, chat rooms, bulletin boards and other online sources, searching for your organization s identifying information Unlimited access to your organization s credit profile It covers: Professional fees Defense of lawsuits or criminal allegations Removal of any fraudulent civil or criminal judgments Contesting the inaccuracy or incompleteness of any information or records containing your business information Lost wages while taking off work to resolve an incident Other allowable miscellaneous costs, such as travel, client communications and business records monitoring Educational white papers Business identity fraud insurance features a $50,000 annual limit, with an annual deductible of $100. For pricing information and to apply for Core Cyber or SB Core Protector protection, contact your Church Mutual representative or visit 8 9

6 Think cyber crime can t happen to you? Think again. Just take a look at the following examples to learn why everyone should have appropriate coverage. Data breach at an assisted living facility The United States Secret Service identified a potential HIPAA breach that may have compromised data for 100 residents. As a result, an experienced team of dedicated cyber claims specialists quickly engaged a breach coach and a forensic investigator. Knowledgeable partners helped ensure the incident was properly handled and reported to the state regulatory agencies. A pastor s laptop stolen A pastor s laptop containing members private financial information was stolen from his home. As a result, members sued the church for damages resulting from alleged failure to protect their private financial information. Theft by an employee A private school secretary stole a donor s credit card information, resulting in a forensic investigation, a lawsuit and a Payment Card Industry (PCI) fine. The total cost of investigation, fine and settlement approached $50,000. A costly mistake A staff member at an assisted living facility commented on a resident s health matter on a social media site. The HIPAA violation and resulting legal expenses exceeded $250,000. An online bookstore hacked An online religious bookstore had its transaction processing system hacked. Thieves collected credit card data over the course of one year before the Secret Service notified the retailer s manager. A credit card company issued thousands of dollars of PCI-related contractual fines and penalties to the payment processor who, in turn, contractually passed the obligation to the bookstore. A malware data breach at a conference center A conference center s computer system was compromised when a third party sent a malware program via to a number of employees. The invasive software allowed the third party to access the system and capture the names, addresses and credit card numbers of more than 500 guests

7 This program is offered by Church Mutual through CMIC Specialty Services and Identity Fraud Inc. and its business partners. PMS 293 CMIC Specialty Services is a subsidiary of Church Mutual Insurance Company. Core Cyber and SB Core Protector are trademarked names of Identity Fraud Inc. This literature contains only illustrative information about available coverages and protection benefits and is not a policy contract. Refer to your insurance policies and specific program terms for complete descriptions of coverages, benefits, limitations and exclusions. The insurance coverages outlined herein are administered by Identity Fraud Inc. and underwritten by A-rated insurers. Various other services are provided by Identity Fraud Inc. and/or its technology partners. For more information, contact [email protected]. Para obtener asistencia inicial en español puede telefonear al (800) o enviar un correo electrónico a la dirección [email protected]. Listening. Learning. Leading. is a registered trademark of Church Mutual Insurance Company. FM: S962 (3-2014) 2014 Church Mutual Insurance Company 3000 Schuster Lane P.O. Box 357 Merrill, WI (800)