Cyber liability remains constant in the trade news. Claims come in all sizes, from small retail breaches to large universities and everybody in between!
Less than a year after its last data breach, Stanford University has again been hit and is now in the process of notifying some 2500 patients. The most current trend is theft of laptops. Many companies have spent time and energy in fortifying the firewalls and security, but the human factor still is a major hurdle. In this case, a laptop was stolen and has significant Persona Identifiable Information (PII). Stanford has taken the additional step of encrypting the laptop with a password protection system that will inform the school once the computer IP hits the internet.
The cost of notifying and protecting patients or clients information can be a costly undertaking, and many new insurance policies are available to transfer this risk. With the cost upwards of $200 per record, this needs to be a serious consideration.
Contact us for more information!
We recently mentioned the importance of E&O insurance for certain businesses and I would like to hit on three other essential “Professional Liability” coverage’s.
Directors & Officers Liability. We use a D&O policy to protect the directors and officers against losses and defense costs that may arise from suits alleging wrongful acts by the directors or officers. Many companies dismiss this as something only needed for huge class action suits, but we are increasingly seeing small companies and non-profits getting hit with these claims. Because of the fact that these directors and officers personal assets are at risk, these policies have to be looked at. And not all D&O policies are the same. Some of our carriers have lifetime reporting tails that protect a D & O for something that was on their watch even if they have long since vacated that position.
Employment Practices Liability. EPLI polices are designed to protect the company from allegations of wrongful termination or sexual harassment issues. There are many state and federal laws that protect the individual in areas of hiring and firing, compensation and advancement, classification of employees, layoffs etc., so ANY company that has employees is potentially at risk. According to the EEOC, roughly 40% of all EPLI claims are brought against companies with 15-100 employees. Because of the serious nature and the number of claims in the US, coverage for EPLI is becoming more expensive and has more restrictions in coverage than in the past. This just underlies the importance of this coverage.
Cyber/Data Breach insurance. We have discussed this in the past and this is an ever evolving claim land mine. Insurance carriers are moving quickly to come up with the correct policies to protect businesses. There are so many areas of potential liability – violation of privacy, transmission of viruses, copyright & trademark infringement, release of sensitive personal data to name a few. Today almost all companies conduct some activity in an area that opens them up for potential losses, such as business websites and internet advertising, e-commerce, internet connectivity, credit card processing, handing of patient or client files etc.
It is very important for you to clearly communicate all of your operations to your agent, and together come up with the best risk strategy that fits into your budget. Not purchasing an EPLI policy because “all of your employees are like family” is not a good strategy anymore.
We often get asked by start-up companies, ( particularly technology companies) if they should purchase General Liability or Errors and Omissions (professional liability) insurance. We always answer with an emphatic – “Both”!
In some of the upcoming posts, we will get into the details a little deeper, but I recently reviewed some data from one of our leading technology focused insurance companies.
In 2011, the average loss cost for a claim in the small business sector was as follows;
Property = $10,200
General Liability = $24,000
Workers Compensation = $11,500
And the kicker;
Technology professional liability = $250,000 ( and this is for defense costs only!!)
While our start-up friends will see more frequency from Auto or Workers compensation claims, the severity of a Professional liability claim can dramatically impact the future of any new business.
Of course cost is a factor in any business conversation, but more and more of our Technology focused carriers are offering quality affordable coverage for this critical type of policy. Be sure to discuss your operations in detail with your agent so together we can work toward a solid risk management solution
Data Breach. It’s in the news constantly, and there is much confusion about what it is and how much damage it can cause small businesses.
Some of the statistics are staggering, and the false sense of security that the majority of small business have is as staggering.
According to a survey completed in 2010 by Symantec, 73% of small and midsize companies experienced a cyber attack in the past year. The average cost of cyber attacks last year were $188,242 for small and medium-sized businesses, with down-time costing some small firms $12,500 per day.
According to the Ponemon Institute (2011), data breach incidents cost U.S companies and average of $214 per compromised customer records.
So the financial cost is high. But as troubling is that in the Symantec survey, 85% of owners said their companies were safe from cyber threats; yet 77% had NO formal written internet security policy, and of those, 49% did not even have in INFORMAL policy!
Larger companies are shoring up their defenses, and these unprotected small businesses are now the low-hanging fruit for the cyber criminal.
Next month the FCC will launch the Small Biz Cyber Planner, a new online tool to help businesses customize and create cyber security plans. This is currently being developed as part of collaboration with the FCC and private IT and Security firms, such as VISA, Symantec and the NCSA. For now, the FCC has released a tip sheet that can help bring more awareness – www.fcc.gov/cyberforsmallbiz.com
An additional step after you implement a cyber security plan is to transfer some of this risk to an insurance company. Today there are more and more new products available to the small business to help mitigate the risk of data breach, and the lawsuits that may stem from these attacks. Even a well implanted plan can fail, largely due to human error. Many of these claims result from a simple mistake. An employee might misplace a laptop, blackberry, or leave them in an unsecured location, such as an unlocked car.
Federal or state law may mandate that your company take (and bear the expense of) certain measures in the event of a security breach. Here in California, SB 24 was signed into law and will take effect January 1, 2012. Enacted to protect consumers from identity theft, the bill establishes content for data breach notifications to consumers which must include;
- A description of the breach incident
- What type of personal information was breached
- What time the breach occurred
- Contact information for the major credit reporting agencies in California.
The new law also requires that the California Attorney General be notified if a single breach affects more than 500 people.
If we use the average of $214 per consumer, times 500, you are already over $100,000 in expense. The potential loss can greatly exceed this.
With all of the new data and cyber policies available, and this new law starting in January, getting proper coverage has never been more important.
Talk to you agent about how best to protect your company. The hackers are out there and its easy picking’s.
With fall upon us, and in climate weather around the corner, I thought I would mention a real cheap and effective safety tool that can be used in the home.
Many businesses have battery-backed automatic floodlights that illuminate an area when power has been cut to that building. Safety lights are very common in commercial buildings, as well as residential buildings and school dormitories and are most often situated in areas like stairwells and common halls, for safe exiting.
Now there is a very good and inexpensive way to accomplish this in your home. Companies like Eveready, Rayovac and Eton have made small rechargeable LED lights widely available – Home Depot, Walgreens and Amazon have a variety to choose from. These lights are compact, usually rechargeable LED lights that you plug into any wall socket. When power is cut to that socket, the lights automatically illuminate. Many of the small lights offer sufficient lighting , usually 10-15 lumens and are perfect for bedrooms and hallways. For homes that have children, or adults that are elderly, the worry of things going bump in night is greatly reduced. I purchased these lights and have them situated for evacuation and to lessen the fear of total darkness for my children. Another positive attribute is the low cost – you can get them from $10 and up.
Grab a few, plug em in, and know you have a light when you need it
Just a quick note this time. We have been seeing some pricing increases in Employment Practices Insurance, and Directors and Officers coverage for California businesses. Rates are increasing, deductible options are being forced higher, and the available marketplace for business in California for these lines are shrinking rapidly. As recently as 6 months ago, we were able to get multiple quotes, with multiple options, like deductible limits, choice of Law firms, etc. Today this is not really an option. Carriers are pulling out of California for EPLI and D&O and its impacting the amount of available coverage. The fact that we are seeing increases here, just underscores the need for these 2 types of coverage.
So expect some rate increases!
Now that the new IPhone 4S is here, we can all rush out to purchase the new technology with a new 2 year contract!
Among the downsides of locking into a 2 year commitment with your phone company, is what to do if your new phone gets stolen, broken, or accidently flushed down the toilet! Since you are locked into contract, if you want another iphone, you are going to have to shell out more that $600 to be able to text to your heart’s content.
Smart phones are more and more prevalent today, and many of us rely on them daily. Some homeowners and renters insurance carriers will add coverage to smart phones and other mobile devices for very small premiums – some as low as $15 per year, with no deductible.
Turning in multiple claims for small amounts like an iphone is not necessarily a good idea long term (read Big jump in homeowners rates!) it is something that may come in handy on occasion. As we often suggest, talk to your insurance agent about your situation, and have them see if in fact your carrier can add this coverage for you.