A Greater Town : US : NY : New York : Legal & Financial : Insurance — Special Risks Insurance

Evaluating Data Breach Insurance Policies

Special Risks Insurance

Updated on Mar 26, 2013

Edit post | View more like this | Visit New York, NY | Contact Cyber Data Risk Managers
Evaluating Data Breach Insurance Policies
by Christine Marciano, President, Cyber Data Risk Managers

Until recently, most businesses purchased data breach insurance to help with response costs. Now, it seems they're purchasing it out of fear of a lawsuit. With many data breach lawsuits making recent headlines, it's no surprise. Finding the right policy, though, is an important step in being fully protected.

Once you are ready to shop for data breach insurance, its important to carefully evaluate the purchase of a data breach insurance policy from a variety of angles. The types of coverage offered by data breach insurance policies vary dramatically by insurance carrier, so its good to start by talking with a knowledgeable insurance broker who has experience with data breach insurance policies.

When evaluating and considering the purchase of a data breach insurance policy, there are several important steps prior to actually investing in the policy:

- Determine how much insurance you need and how much risk you can afford to retain. Once the amount of insurance you need is determined, figure out how much you can afford to pay out of pocket before any insurance claims may be paid. This will help you determine your retention or deductible.

- Review the types of coverage provided. While data breach insurance policies are not standard policies, and vary widely, coverage typically falls into three categories: liability, breach response costs, and fines and penalties. Some things to consider are: Does the insurance carrier have experience with your industry? Is there any special coverage applicable to your specific industry or business?
(For example, if your organization must adhere to PCI-DSS regulations, you may want to choose a policy that offers coverage for PCI-DSS non-compliance or regulatory fines or penalties for PCI-DSS non-compliance.)

- Know what triggers the policy. Will coverage be triggered for a stolen or lost unencrypted laptop or USB flash drive? Loss related to the failure to secure data? Loss related to a breach caused by a negligent employee? Data held in the cloud? What happens if you experience a data breach in which public data is exposed?

- What types of data are covered? Some carriers specify the types of data covered, while others do not. Some things to consider: How is sensitive data defined in the policy? Are paper records included?

- What response costs and services are covered in the event of a breach? Most carriers offer coverage for breach response costs and breach services. You will want to check to see if the following are covered (at least): crisis management and breach notifications, credit monitoring, loss of business income, privacy regulatory defense and penalties, computer forensics investigation, and the hiring of a privacy attorney.

- Find out if you can select your own vendors or counsel. Often, businesses prefer to select their own vendor or counsel, especially if they have a pre-existing relationship with these professionals. Find out upfront whether or not you have a choice or must use the vendors and/or counsel selected by the insurer.

Cyber risk is now considered one of the top emerging risks a business faces and data breaches will continue to happen. Data breach insurance offers a great solution to responding to a breach and helps offer peace of mind if a lawsuit were to happen.

*Article originally appeared in http://www.point2security.com (7/3/12)


Christine Marciano
US toll free: 1 +855.CUT.RISK
Fax: 1 +732.709.1684
Twitter: @DataPrivacyRisk

goodideazs, LLC is not affiliated with the authors of this post nor is it responsible for its content, the accuracy and authenticity of which should be independently verified.

About | Advertise | Terms | Privacy | Contact A Greater Town

Top Business Listings | Banner Art Gallery | Blog | Seo Site Crawler

Copyright © 2007-2019 goodideazs, LLC. All rights reserved.