FEATURE sTOrY Cyber and Privacy Liability Insurance: What Does it Cover? By Gamelah Palagonia, CIPM, CIPP/IT, CIPP/US, CIPP/G, ARM, RPLU+ Editor’s note: The following is the second in a series of articles from Gamelah Palagonia about cyber liability insurance. In the last issue of Billing, we discussed how business owners can protect themselves with cyber and privacy liability insurance. This type of insurance can protect you in the unfortunate event of a data breach, which is increasingly becoming a major concern for businesses that deal with sensitive data. Before you purchase this insurance, it is important to understand exactly what it covers. To that end, this article provides an overview of the coverage available with these insurance plans. Cyber and privacy liability insurance policies include third-party and first-party coverage parts, and each part includes different insuring agreements. The following is a list of the major insuring agreements under each coverage part, as well as what they cover. Third-Party Coverage Network Security Liability: affords legal defense costs and indemnity for third-party claims alleging failure to protect against transmission of malicious code, denial of service attacks, and unauthorized access and/or use of computer systems. Before you purchase this insurance, it is important to understand exactly what it covers. Privacy Liability: affords legal defense costs and indemnity for thirdparty claims alleging negligent use or disclosure of nonpublic, personally identifiable information, including protected health information, employee personally identifiable information, and thirdparty corporate confidential information. Internet Media Liability: affords legal defense costs and indemnity for third-party claims alleging wrongful acts in the dissemination of Internet content and media. Regulatory Actions: affords legal defense costs for regulatory actions brought by federal regulators such as HIPaa/HITeCH, Children’s Online Privacy Protection act, Federal Trade Commission, and state attorneys general. First-Party Coverage Data Breach Fund/Costs: Covers the cost of the data breach team some insurers require you to provide notice of claim to the insurer and gain its written consent to utilize response vendors. Failure to do so can lead to uninsured claims and can compromise coverage. To avoid this, sync your incident response plan with the insurance program and gain the insurer’s prior written consent as part of the application process before coverage is purchased. THe jOurNal OF THe HealTHCare BIllINg aND maNagemeNT assOCIaTION 19 QuICK TIP!
Billing_NovDec14
To see the actual publication please follow the link above