Tag Archives: Cyber

Cyber Liability Insurance: The Value of an Educated Broker in the Age of E-Commerce (PLUS Journal Archive)

Posted on by
2

PLUS CyberIn this preview of an article from Issue XXIV, Volume 12 of the PLUS Journal (December 2011) authors Richard J Bortnick and Abby J Sher look at how intangible cyber losses are not typically covered under a CGL policy.

PLUS is offering exclusive cyber liability and data security sessions as part of the upcoming Medical PL and Professional Risk Symposia, March 29 & 30 in Chicago.

From the Journal article:

A typical CGL policy defines “property damage” as “physical injury to tangible property, including all resulting loss of use of that property.” Although this definition would apply to traditional property damage losses (such as those arising from fires, impaired property and the like), many policyholders and brokers might incorrectly assume that it also extends to technology and cyber privacy losses involving intangible property, such as electronic data. Such an interpretation, however, may be regarded as contrary to the plain and ordinary meaning of the policy language, which specifies that “property damage” is premised upon ” physical injury to tangible property.”

This misconception perhaps is based upon the intuition of policyholders and brokers that traditional policy forms should adapt to protect against evolving risks.  While this assumption may seem reasonable to policyholders, it is not one ratified either by policy drafters or the courts, as will be discussed more fully below.

Prior to the widespread use of technology and paperless systems, the disclosure of confidential information and destruction or theft of client or employee records would, generally speaking, have involved paper documents – that is to say, “tangible” property – and thereby possibly would have been covered by a CGL and/or fidelity policy. At the same time, prior to the advent of the internet and the widespread use of computers, the possibility that a company might  be damaged by the electronic “equivalent” of a data theft or computer breakdown was largely unimaginable, and surely not contemplated by underwriters, brokers or their policyholders.  Thus, CGL policies were not drafted with the thought that such risks would exist – or be covered.

Oddly, it is sheer coincidence that a typical CGL policy specifically carves out intangible property damage from its definition of “property damage.”   Indeed, ISO’s addition of the word “tangible” to its standard CGL form in 1966 was in response to efforts by policyholders to obtain coverage for rights, obligations, and other forms of economic loss.  Prior to 1966, “property damage” was defined as “injury to or destruction to property.”  The 1966 definition, which defined “property damage” as “injury to or destruction of tangible property” was “misleadingly simple.” Laurie Vasichek, Liability Coverage for “Damage Because of Property Damage” Under the Comprehensive General Liability Policy, 68 Minn. L. Rev. 795, 801 (1984).  In view of this and other criticisms of the 1966 revision, ISO further clarified the definition in 1973 so as to require “physical injury to tangible property.”  Like the 1966 amendment, this change was designed to limit coverage to the intended categories of loss, and to preclude coverage for diminution in value and other intangible losses.

It nonetheless remains that CGL policies were not drafted in contemplation of cyber losses and were not rated to address their potential breadth, as the scope of a cyber loss can easily exceed the loss resulting from a typical property damage claim. In the course of a data breach, a large quantity of data can be remotely accessed, duplicated, and disseminated within a fraction of a second; certainly far more permanent damage can be done in a nano-second than in the case of a defective product or a natural catastrophe involving traditional brick and mortar property damage.  Moreover, if stolen personal or confidential corporate information is circulated on the Internet, the harm becomes both permanent and widespread.  The potential implications of this loss extend far beyond the scope of traditional tangible property damage. Cyber breach remediation requires time, intelligence and a significantly more advanced means of reparation, if any such repairs are even achievable when it comes to personal and confidential corporate information.

PLUS members can read the entire article on  www.plusweb.org.You must log in to the website to view this content.

A Message from PLUS President Jeff Lattmann

Posted on by
Reply

PLUS President Jeffrey Lattmann from the heart of Times Square, home of the PLUS D&O Symposium.

The D&O Symposium was a great event, with over 1,200 industry insiders from 34 states and 16 countries converging on New York for 2 days of learning and networking. We’re not resting on our laurels, though. We at PLUS have already turned our attention toward late March and the next installments in the PLUS Symposia Series… Medical PL and Professional Risk. These two events, taking place concurrently on March 29 and 30 in Chicago, Illinois, focus on the latest trends and topics across medical, employment, e&o and other professional liability lines.

In 2012, PLPLUS CyberUS is placing special emphasis on Cyber/Data Security issues, coverages relevant across all professional liability lines. Multiple sessions touching on data security and cyber liability are part of this year’s schedule:

Cyber Security Expert Juval Aviv
Impact of Social Media on Insurance Companies
Social Media Expert Peter Shankman
Healthcare ERM: Are You Ready for the “Cloud”?
Data Breaches: Coming to a Network Near You

Registration is now open, so make sure you make it to Chicago in March for the Medical PL and Professional Risk Symposia. By registering for either of these great events you are able to attend sessions from both symposia.

Healthcare Cyber Risks and Privacy Breaches – Emergent Problems or Chronic Condition?

Posted on by
Reply

In this clip from the 2011 PLUS International Conference educational session entitled “Healthcare Cyber Risks and Privacy Breaches – Emergent Problems or Chronic Condition?,” Theodore Kobus, III, Esq. from Marshall Dennehey Warner Coleman & Goggin reviews the A to Z of healthcare data breaches.

Also, registration just opened for the 2012 Medical Professional Liability Symposium, March 29 & 30 in Chicago. Don’t miss the excellent educational and networking opportunities at this PLUS event.


PLUS members can view this entire educational session by visiting www.plusweb.org/education/multimedia. You must be a member and logged-in to the website to view the multimedia content.

Other panelists at this session were: Michael Carr (Argo Pro), Beth Diamond (Beazley Group), Mark Silvestri (CNA), Charles M Vieau (Alliant Healthcare Solutions)