Creating a Web of coverage for cyber events: so-called cyber insurance policies have become widespread, but many policies may fall short of addressing the full range of possible computer-generated perils.
| Author | Carr, Michael |
| Position | INSURANCE |
The experts who pioneered business insurance likely never envisioned a day when companies could be victimized by theft, yet still possess the stolen goods. Or have vital records damaged irreparably by a lone individual sitting in his bedroom halfway around the world. Or be sued for libel because of something written by a customer.
[ILLUSTRATION OMITTED]
Cyber insurance was created to address the evolving technology risk landscape, and many firms wisely are making such coverage an integral part of their insurance programs. Unfortunately, many cyber insurance policies fall short of addressing the wide range of perils that exist, creating a false sense of security that often is not evident until it's too late.
During the past decade or so, concepts such as loss, damage, business interruption, disparagement, emotional distress and even property have been altered dramatically by the mass adoption of technological applications. These evolving notions have created dangerous coverage gaps in traditional policies.
Consider, for example, the issue of privacy injury. Today, most general liability policies' privacy coverage is limited to oral and written publication of confidential information. Since the unauthorized disclosure of data from hacking does not involve any kind of intentional publication, it may not be covered under general liability. That means you could be unprotected from lawsuits stemming from privacy breaches involving personal information, such as credit card numbers and medical records; and competitive data, including trade secrets and patent filings.
[ILLUSTRATION OMITTED]
The theft of confidential data via the Internet probably will not be covered by typical property or crime/fidelity insurance, either, because these policies generally apply to theft of tangible property. Also, neither property nor general liability policies are likely to offer reimbursement for the cost of damage control, which includes notifying clients their personal information was compromised--as required by statute in more than 35 states so far--and providing compensatory services.
Another coverage gap relates to emotional distress. Many general liability polices provide coverage only for emotional stress resulting from physical injury. Yet, privacy breach suits typically seek damages for embarrassment, stress or mental anguish resulting from private information being made public. Since there is no underlying physical injury, such damages may not be covered.
...To continue reading
Request your trialCOPYRIGHT GALE, Cengage Learning. All rights reserved.
