Russell Bond & Co., Inc. June 2017  
 
A Look at Data Breach from Another Angle 
 
Let's look at a data breach from a different angle.  Most policies have multiple coverage sections (modules).  Network Security provides coverage for a failure to protect the insured's data. Privacy Liability covers a failure to protect information such as Personally Identifiable Information (PII) and Personal Health Information (PHI).  When handling PII and PHI, there are many exposures to consider.  If the answer to any of the following questions is YES, your insured has an exposure.

Does the insured handle confidential information?

  • Employee information; ie., bank account, health records, social security #s
  • Confidential client information including personal and corporate; ie., bank account info

Where is the information stored?

  • Computers / lap tops / mobile devices
  • Paper files

Does the insured have a website?

  • What content is stored on the website?
  • Can employees or a third party update content from the website, such as blogs, pictures or comments?

How can a data breach occur?

  • Internally, including employees and vendors:
         a. Malicious - stealing information (ie. card skimming) - over 35% of breaches occur from this
         b. Negligence - lost devices, incompetence, mistakes
         c. Vendor Contracts - what is the indemnification in the contract
  • Externally - hackers, organized crime
         a. Stealing information
         b. Sending viruses / malicious code
         c. Disruption of business - vandalism
A Privacy & Security policy can include:

Network Security: provides coverage for failure of the insured to protect their computer systems from viruses, malicious code, malware attacks.  This includes forensic costs, public relations and lost income

Privacy Event: provides coverage for a failure to protect confidential information (PII, PHI).  Most states (47) have privacy laws in place, not to mention the numerous federal laws and regulatory actions.

First Party Coverage: covers costs for Breach & Legal Consultation, Forensic Investigation, Public Relations Services, Notification, ID and Credit Monitoring, Lost Electronic Data
 
Have your clients budgeted for a breach?
EXAMPLE 1:  A car wash and detailer was advised by their IT company, which hosts their computer servers, that a hacker may have gained access to their website.  Possible compromised PII includes customer names, email addresses, physical / billing addresses, telephone numbers, credit card / debit card numbers with security codes and expiration dates.

EXAMPLE 2:  An employee of a media company was the target of a sophisticated phishing attack.  This led to other employees being targeted through similar phishing emails, which resulted in the compromise of PII of the company employees, their dependents and their beneficiaries.
  
No two policies are the same.  We specialize in Privacy & Security coverage,
know the in's and out's of each form and have access to the leading markets.

Call us for more information:  800-333-7226
 
Tonya Hollederer Joanna Brancaleoni Ed Chadwick Jackie Oddo
Tonya Hollederer, ext. 133
Team Leader
thollederer@RussellBond.com

 
Joanna Brancaleoni, ext. 121
jbrancaleoni@RussellBond.com
Ed Chadwick, ext. 261
echadwick@RussellBond.com
Jackie Oddo, ext. 161
joddo@RussellBond.com
        
A Wholesale Insurance Broker Unlike Any Other TM
 
____________________________________________________________________________
67 Years
1950 - 2017
866 Ellicott Square Bldg.  |  295 Main Street  |  Buffalo  |  NY  |  14203
1670 Whitehorse - Hamilton Square Road  |  Hamilton  |  NJ  |  08690
Hampton Ponds Plaza # 12 |  1029 North Road  |  Westfield  |  MA  |  01085
800.333.7226  |  www.RussellBond.com  |  Fax: 800.677.6779
Trusted since 1950