Cyber Liability/Data Breach Coverage
As attorneys, your clients trust you with confidential information. Criminals are attracted by confidential information such as financial records, health records, Social Security Numbers, intellectual property, depositions, and criminal records. Loss of such information may result from a malicious attack (e.g., hacking, malware, or deliberate espionage), a dishonest employee, or theft of a notebook, tablet, or smartphone. Loss can also result from innocent mistakes such as losing a smartphone, unintended transmissions, or other human error that can occur in any busy practice.
According to Aon Corporation, the average cost for a privacy data breach is $217 per compromised record. Further, 47 percent of privacy breaches are the result of criminal activity, 25 percent employee error, and 28 percent system errors.
Few law firms attempt to practice without professional liability insurance; however, according to a recent ABA technology survey, only about 11 percent of responding lawyers indicated that their firm has cyber liability insurance. Cyber liability insurance is an increasingly necessary coverage for law firms. In a recent ABA Journal article (April 1, 2015,), David L. Hudson Jr. said the same. Lawyers professional liability (LPL) insurance policy may help protect against third-party lawsuits, but there are gaps related to privacy notification, crisis management, business interruption, cyber extortion threats (yes, this has happened to solos and small law firms),
Cyber Liability Coverage includes:
• liability for security or privacy breaches, including loss of confidential information by allowing, or failing to prevent, unauthorized access to computer systems;
• the costs associated with a privacy breach, such as consumer notification, customer support, and costs of providing credit monitoring services to affected consumers;
• the costs associated with restoring, updating, or replacing business assets stored electronically;
• business interruption and extra expense related to a security or privacy breach;
• liability associated with libel, slander, copyright infringement, product disparagement, or reputational damage to others when the allegations involve a business website, social media, or print media;
• expenses related to cyber extortion or cyberterrorism; and
• coverage for expenses related to regulatory compliance for billing errors.
If you don’t have this coverage in place now; ask what would you do if you had a data breach? How would you be able to react to a breach, comply with the notice requirements, credit monitoring and business interruption? This is an exposure we can address for our clients with the many cyber liability policies we offer.