Cybersecurity | JD Supra Law News has a new blog post:
Many smaller businesses find themselves vulnerable to cyberthieves, mainly because they have limited budgets for data security and few or no technology experts on staff. Costs of a hacking incident or inadvertent disclosure can include: forensic expenses to figure out what happened, how, and what was taken; installing more robust data protection security; data recovery; notifying customers; paying credit monitoring fees for affected customers; hiring a public relations firm to deal with the fall out; perhaps dealing with business interruption from downed technology. There also may be regulatory fees or fines, legal fees and court costs.
Liability for loss or disclosure of customer or employee data is not typically covered under a corporate insurance policy. Some existing business insurance policies that offer general liability, and directors and officers liability, may provide a measure of coverage for those areas, but significant gaps may exist if you are trying to recover from a hacking incident that revealed private information.
Some insurance coverage for cyberliability was offered to technology service providers to cover them for negligence or wrongful acts that led to damages for their clients, including security breaches. Some general commercial insurance policies offered coverage for publication of material that violates a person’s right of privacy.
There has been at least one recent case that denied coverage where the data breach was not a negligent act by the insured, but a deliberate hacker attack.
Companies with HIPAA obligations, companies that store credit card information or email addresses and passwords for customers or online retailers especially should review their insurance coverage’s against a hacking or an inadvertent release of private information.
To read the rest of the post, please visit Cybersecurity | JD Supra Law News, Check Your General Commercial Liability Policy for Cyberliability Coverage