Cyber Liability Insurance

As absolute dependence on computers and computer stored information grows there are new ways companies can be sued by third parties for damages.  When private information such as dates of birth, social security numbers, credit card numbers, etc are stolen off of your business' computer systems, it is called a data breach, and they are very costly to manage.  The insurance industry has calculated this cost to be about $200 per individual whose information was taken.  Also, if a malicious virus is distributed from your computer to a customer’s computer system and causes damage, you could be held responsible for cost to repair their system.  Your basic general liability policies are not designed to pay for such claims so many times when businesses look to their business policies the coverage is not there to help with these expenses.  Because of that, insurance companies have developed a new product called cyber liability.  It is designed to step up and pay for the third party damages caused by your data breaches and damage by viruses to other’s computer system.

So what kinds of business should be looking into this new cyber liability products?  Any business with a computer, especially one that stores or interacts with any private information or distribute emails to others should look into this product.  Restaurants and retail stores that take credit cards, professional business that store dates of birth, driver’s license numbers and social security numbers, even doctors’ offices are at risk for the types of claims mentioned above.  Unfortunately, even if a business has the best firewalls and antivirus software, they still are at risk of data breaches and malicious viruses.  Cyber liability is something designed to help protect your business assets if an unpreventable claim strikes.

Insurance Journal Article on Cyber Liability

On March 5th, 2012 the Insurance Journal published an article called "What Insured's Should Know About Avoiding Cyber Liability Exposures".  It was written by Christopher Bomar of  Boomarang Data Backup.  In the article he brings up scenarios of possible insurance claims, where the gaps might be in covering such claims and how to avoid such gaps.  It is a well written article and even has a quote from one of Fey Insurance's very own, Brian Fey. 

Please take a look at the article as it does a great job of showing the current status of Cyber Liability needs, gaps and exposures.

Article: What Insured's Should Know about Avoiding Cyber Liability Exposures

Protecting Your Customer's Sensitive Information

Businesses subject to the Financial Modernization Act of 1999 (also know as the Graham-Leach-Bliley Act) are required to comply with provisions that protect personal and financial information to maintain the trust and confidence of their customers.

Companies should develop a written information security plan that describes, among other things, the specific ways their employees should protect consumer information.

Sloppy handling of personal and identifying information can be devastating to a small business. A breach of security of this information can lead to personal identification theft of customers, and can open the company up to liability. The loss of reputation alone can destroy an otherwise successful company. So how can your company take steps to protect your customer’s information? Here are five steps that you might consider implementing:

1. Create a paper trail that documents your operations. Once you know where the trail starts and ends, you can analyze each step and develop a plan ensuring security of information. Limit access to sensitive data when possible and dispose of sensitive documents by shredding.

2. Electronic data should be protected with passwords and encryption.

3. If you use third-party services in the process of taking care of your customers, make sure they adhere to strict privacy standards. Ask for a copy of their privacy guidelines.

4. Regularly communicate with employees regarding your company’s privacy activities. Reference compliance within your employee handbook.

5. Have a plan to guide you if there is a breach of security. Know who to contact, what data to protect and how long it should take to plug the gap. You should also have a plan for notifying affected customers in the event of a breach.

Data Loss

If a fire where to occur at your business it is relatively easy to replace desks, chairs, decorations and even computers and network systems. The part that is very difficult to replace is data. Every business has data. Whether it is your computerized bookkeeping, client management data and software, important electronic documents or your Outlook calendar, they all serve as a vital part of your business and would leave you at a loss without them. With items like office furniture and computers you can go out and purchase replacements with very little difficulty. Data, however, is something that is specifically created over time and when lost is very difficult to recreate or replace.

There are two suggestions that I would like to share in this blog article. The first is securing your data either through backup tapes, off site backup or cloud computing. The second is insurance protection to help pay for the cost of recreating your data or extracting your data from damaged computer hardware.

The first suggestion of securing your data is probably the most reliable and sure fire way to prevent the nightmare of lost data. There are so many offerings out there of companies like Mozy that help to back up your business servers and data off site. If a fire destroys the server in your office all you would need to do is buy a new server, download your data from the offsite backup system and you are up and running again. Cloud computing is another offsite way to secure data. Instead of your data being stored on computers in your office they are stored on specialty servers throughout the country. All you are doing each time you access the data is pulling up the information via online so if a fire renders your computer useless you just purchase another computer, login to your online cloud and access your data. Backup tapes are probably the least effective because they require you to remember to take them offsite and require you to remember to update the tapes on a regular basis.

Insurance is the second suggestion on how to prevent data loss. One caveat about this topic is that technology is constantly changing and insurance companies are always trying to catch up with how to best insure this moving target. There are currently specialty coverages out there that help an insured pay for the costs of salvaging lost data. Coverage can be added to business policies that help pay for the forensic work that would need to be done on a fire damaged hard drive that possible still stores your company’s data. Some insurance products help you to repurchase lost software programs that can be very costly to replace. There are times when you need to hire extra staff for a short period to help reestablish your bookkeeping after a fire. Insurance can help pay for this extra cost.

In future blog post we will be sure to focus on what the actual insurance products are that can help protect the loss of your data and we will also write more on data backup services as well. In the mean time, work with your IT departments or consultants to figure out the best cost effective way to secure your data as well as talk with your insurance agent to figure out how to best insure your data.