Insurance Coverage for Data Breaches and Privacy Violations: Are Your Corporate Clients Truly Protected?
Google, Yahoo, LinkedIn, Wyndham Hotels, Living Social and, most recently, Target and Neiman Marcus have all been hit with major data security breaches. Target Corp.'s data breach reportedly exposed up to 110 million customers nationwide to potential credit and debit card fraud. Beyond the headlines, every business is vulnerable to breaches as hackers become increasingly sophisticated.
Since most data breach suits are based in negligence, a data breach can trigger potential coverage under existing business insurance policies. In addition to strong data privacy policies and processes, counsel should evaluate existing and new types of coverage as a critical component of loss mitigation. Specialty cyber policies or riders are available to cover intangible exposures such as system disruption, lost or damaged data, invasion of privacy, and IP infringement.
Josh Mooney joins a panel of insurance attorneys discusses trends in data breach and privacy violation claims and litigation. The panel will outline how to examine existing business policies and evaluate specialty cyber policies to determine the optimal coverage for each situation. The panel will also review defense and plaintiff approaches to resolving coverage disputes between insurer and insured that arise in the wake of data breaches and privacy violations.
- Trends in data breach litigation and liabilities
- Analyzing scope of coverage in cyber policies and standard CGL, D&O, E&O policies
- What is typically covered
- Limits and exclusions
- First and third-party options
- Defense costs
- Statutory damages
- Indemnity coverage for statutory damages
The panel will review these and other key questions:
- Which policies will yield the most recovery for costs and expenses arising from the breach such as notification, credit monitoring and public relations?
- Is there potential coverage under the Personal and Advertising Injury Liability coverage section of CGL policies?
- Under what circumstances may the Bodily Injury and Property Damage section of the standard CGL form cover injuries to third parties?
- When might D&O and E&O coverage respond to cyber risks?
- Are attorney fee awards to plaintiff's counsel in class action claims recoverable as defense costs?
- Is there indemnity coverage for statutory damages arising under the TCPA or other privacy-related statutes?