By Amye Anderson
UCBJ Managing Editor
UPPER CUMBERLAND – Targeted data breaches, theft of physical equipment used to process personal client data, and simple carelessness when handling sensitive information can create headaches for businesses large and small. Losses, including those caused by a device loss, hacking, accidental publication, or misplacement or theft of files, can happen to anyone and, in the wrong hands, can have devastating consequences.
Even with the best security systems and layers of protection in place, personal data can end up in the wrong hands; and, without the proper insurance coverages in place, the breached company could end up shelling out hundreds-of-thousands or even millions of dollars in investigation and forensics work, as well as notifications, and monitoring costs and spending countless hours performing damage control.
“Data breaches take many forms,” said Kelly Swallows, Vice President of Operations with Swallows Insurance Agency. “Some derive from external hackers; others from malicious insiders. A third, and surprisingly large category, derives from simple carelessness.”
Swallows can provide numerous examples of data breaches, both intentional and accidental; and, how proper insurance coverage saved them from significant financial losses.
In one case, a healthcare patient was the victim of a rogue facility employee who stole their personal health information, along with the private information of several other patients, in order to obtain fraudulent narcotics prescriptions.
With the help of the healthcare providers’ cyber liability insurance carrier, the company was able to retain expert legal counsel, provide notification letters to the affected patient group, and offer credit monitoring and identity fraud resolution services — a service with annual costs ranging from $110 to $200.
Having a cyber liability and data breach policy and carrier in place can lessen, if not eliminate, the financial burden a data breach can have on the affected company.
Personal information, such as credit data, health care information, along with Social Security numbers, account information, or other identity information on an individual, are prized pieces of information to cyber thieves, who often use the stolen data to make fraudulent purchases, open new accounts, or even sell the data to other identity thieves.
Cyber liability and data breach policies also help protect companies in the event legal action is taken against them. Data breach coverage pays for response expenses as well as defense and liability costs while a cyber liability policy covers the costs of defense, settlement, and judgements in the event of a lawsuit. This policy also covers the costs for data and systems restoration.
Cyber and privacy policies typically cover a business’ liability for a data breach in which the firm’s customers’ personal information – Social Security or credit card numbers – is exposed after a breach of the company’s data network.
It’s important to note that cyber and privacy insurance, though similar regarding some of the same insuring agreements, is not the same as technology errors and omissions insurance.
When opting for a cyber liability and data breach policy, Swallows recommends ensuring these items are covered:
- Forensic — to provide computer security services in the event of an actual or suspected breach incident.
- Legal — to determine the applicability of, and the actions necessary to comply with, breach notice laws.
- Breach notification.
- Call center.
To learn more about cyber liability and data breach coverage options, visit www.swallowsinsurance.com or call (931) 526-4025 today for a quick quote or more information.