Media and technology are revolutionizing the way we communicate. Yet traditional insurance policies have not always kept pace with this evolving landscape. Accordingly, as part of our expanding insurance coverage offerings for Daily Money Managers (DMM), Dominion Insurance can now place for DMMs integrated insurance coverage with Lloyd's of London specifically designed to provide comprehensive protection for the cyber, privacy and media risks faced by DMMs in their day to day operations. Dominion's DMM Cyber policy has been developed with the future very much in mind, providing three significant innovative heads of coverage:
The liability coverage furnishes insurance for both privacy breach and security breach. The policy defines these terms as follows:
Privacy breach means any of the following:
- theft or loss of personally identifiable information, including without limitation, personally identifiable information stored in an electronic medium, or the failure to provide notice of such theft or loss as required under applicable breach notice laws;
- disclosure of personally identifiable information that was not authorized or consented to by the natural person to which such personally identifiable information relates; provided that such disclosure was conducted by your employee without your approval, authorization, participation or acquiescence;
- the failure of the wording of your existing privacy policy to comply with a privacy regulation requiring specific wording or notices in privacy policies; provided, however, that at the time of such failure you must have had in force an existing privacy policy. ...
Security breach means the theft, loss or unauthorized disclosure of confidential information provided to the insured organization pursuant to a mutually executed written confidentiality agreement; provided that such theft, loss or unauthorized disclosure was conducted by your employee without your approval, authorization or acquiescence and “confidential information” shall not include personally identifiable information or components thereof.
Please note that the foregoing applies not only to "information stored in an electronic medium", but to other types of more traditional media as well. So "dumpster diving" informational losses would fall within the scope of coverage.
Like the liability coverage, the response coverage is divided into two categories: breach notice response services and breach investigation services. The policy provides broad definitions for these coverages:
Breach notice response services means any of the following expenses incurred by us or by you with our written consent:
- breach notice legal and forensic expenses;
- notice fulfillment services; and
- other costs, subject to our discretion, to mitigate reputational harm to the insured organization. ...
Breach investigation services means fees agreed by us and incurred by an outside attorney to identify potential legal violations and defenses arising out of the relevant privacy breach and coordinate the forensic services required to determine the scope and extent of any privacy breach. Provided that breach investigation services shall not mean, and Insuring Agreement I.B. shall not cover: (i) any expenses incurred for any services after any claim is made against you, and (ii) any salaries, overheads, lost productivity, or other internal costs, expenses or charges you incur.
As odd as it may seem, legally required breach notification costs can mount rapidly, constituting a considerable and even debilitating expense for a small business. So, containing that exposure by way of insurance becomes a prudent measure or any firm or business to consider.
Finally, the extortion coverage can provide the needed negotiation muscle when faced with hacker ultimatums, which are coming with increasing frequency. The policy defines a cyber extortion threat as follows:
Cyber extortion threat means a threat by an extortionist to perpetrate a security breach in order to cause a covered incident or the theft, disclosure, transfer or sale of personally identifiable information, unless a money demand is paid by the insured organization. ...
The policy is written with the anticipation that insureds will do their part in maintaining updated anti-virus and malware prevention solutions on their computer systems, as well as appropriate firewalls and regular backups. Thus, working together, insured and insurer, can collaborate to ensure that adequate protections against 21st century risks are functioning and in place. In keeping with the cutting edge nature of this type of coverage, DMMs can apply on-line and obtain real-time insurance pricing at www.dominion-insurance.com