Cyber Liability / Privacy Liability
Cyber Liability or Privacy Liability - provides insurance to any business, including not-for-profit organizations that:
• Obtains social security numbers, drivers license numbers, bank account numbers of clients or employees.
• Has access to patient medical records.
• Is in the process of going ‘paperless’ or keeps paper files onsite.
• Provides online access to sensitive data.
• Allows laptops or access to their network from a remote location.
• Relies on their computer network on a daily basis.
This Insurance Pays for:
• Costs to comply with federal and/or state required notification.
• Regulatory proceedings(including fines and penalties) as a result of a privacy breach. This includes HIPAA violations.
• Employees (teachers, volunteers) and/or groups of affected individuals(alumni, current students, parents) suing for damages as a result of a privacy breach.
• Liability for the transmission of malicious code to an outside party.
• Denial of service attack on your network, causing computer system to go down and business interruption expenses.
• Intellectual property/privacy lawsuits. These include libel/slander arising out of content that is on your internet or intranet sites.
Who needs Cyber Liability Insurance?
Any business with a computer or website or that obtains Personal Information (social security numbers, drivers license numbers, bank account numbers) of clients or employees.
In 2017, 1.8 million records were targeted, median number of records lost was 1,091. Hackers caused 27% of the incidents, Malware/Virus caused 16%, and Third Parties (Vendors) accounted for 13% of the incidents.
Healthcare and Professional Services were the most breached sectors (18% each) followed by Financial Services (13%), Retail (11%) and Non-Proft (8%)
PCI was the most frequently exposed data.
The average breach cost was $394,000, the average cost per record was $303. Legal Defense median cost $15K, Crisis Services median $36K and Legal Settlement median cost $50K
- Client information was on a case manager’s laptop that was stolen from her office. Files on the laptop contained patient names, social security numbers, dates of birth, addresses, phone numbers, medical condition information and case information.
- Third-party vendor that hosted a foundation’s website experienced a security incident. Customers who donated to the organization may have had their names, dates of birth and credit card information accessed.
- Adult day care’s computer network is down for 4 days as a result of a Trojan horse attack and are unable to provide any services as a result. There is a need to hire experts to correct their system and get it back to where it was functioning.
- In an effort to go paperless, cleaning crew at a HIV awareness organization discards all employee files in an unsecured dumpster. Personal information of all employees is compromised and those affected join a class action suit against the non-profit.
- Animal shelter holding a golf tournament posts information regarding the event on their website. As a result of the shelter not getting permission to use a golf company’s logo, they are sued for copyright infringement.
Thank you so much for your time. You are so great at what you do and I can’t tell you how much I appreciate it when people take pride in their work and do it well. Less money and more coverage… doesn’t get much better than that!
-- Jana Morris, Executive Director, Recovery Revolution, Bangor, Pa.
Ron Martin- not just my insurance guy but now a friend! He is sincere and truly cares about you and the success of my business. Checks in periodically just to see how we all are doing. Insurance buying was never so easy. Thanks, Ron.
-- J.& D. Morgan, Monkey's Uncle, Doylestown, Pa