Todays technology-based world is changing daily resulting in more reliance on digital systems and data for their work. All businesses face new and unknown exposures to network security and privacy breaches, but professional practices are highly targeted due to the wealth of valuable data that can be obtained in a cyber attack. Many feel or have been incorrectly advised that they are fully protected by utilizing cloud based and third party hosting services, however regulatory requirements place the ultimate legal responsibility with the record originator (YOU), not the record holder.
A comprehensive cyber insurance policy is essential for professional practices because it provides coverage against actual or potential cyber threats and data breaches that can compromise sensitive client data and information. There are generally two key parts to a cyber insurance policy, which are:
- First-party cyber liability insurance supports law firms with the direct financial impact of a breach or cyber attack in their network or system. This can range from fees associated with restoring data, income loss due to downtime, crisis management, or forensic investigations—to name a few examples.
- Third-party cyber liability insurance protects law firms from liability claims against them in the event of a breach. Coverage can span from payments to clients whose data is affected to regulatory fines for noncompliance.
Cyber Coverage Highlights:
- Cyber Extortion / Ransomware Events (red check)
- Includes extortion expenses and extortion monies as a direct result of a credible cyber extortion threat. (smaller green check under)
- Legal Expense, IT Forensics, Public Relations Expense and More
- Coverage for cost of specialists needed to fully assess and handle a breach event.
- Cost of Notifications/Credit Monitoring
- Mandatory notification in most states. Options for a separate limit for this coverage part are available.
- Network Asset Recovery and Repair
- Reasonable and necessary sums required to recover and/or replace data that is compromised, damaged, lost, erased, or corrupted.
- Hardware Replacement
- Known as “bricking” coverage, this replaces damaged hardware such as laptops, servers, and other equipment rendered permanently damaged in a breach
- Business Interruption and Extra Expense
- Can include business income loss due to inability to operate as normal due to first party breach or dependent business breach.
- Reputational Harm Coverage can also be included for damage to the businesses reputation that reduces income
- Regulatory Defense and Liability, Including Fines and Penalties
- Such as HIPAA, HI-TECH, Medicare / Medicaid or any regulatory / governing body
- Payment Card Industry Data Assessments (PCI-DSS)
- Multimedia Coverage
- Includes coverage for Copyright/Trademark Infringement/Libel, Slander, Advertising, etc.
- Contingent Bodily Injury
- As technology gets more sophisticated, the potential for hackers to hijack life altering medical equipment which could result in bodily injury. Coverage can include both 1st and 3rd party property damage or bodily injury resulting from a breach event./li>
- Data & Network Security & Privacy Liability
- Defense and liability coverage for lawsuits from affected 3rd parties following a breach.
- Cyber Crime
- Can include funds transfer fraud, invoice manipulation, phishing, social engineering, crypto-jacking and telecommunications fraud.