Privacy Insurance and Financial Losses from Data Breach

Toby Merrill's article in the Advisen Cyber Liability Journal gives an overview of privacy insurance, also known as network security or cyber insurance, to "cover the financial losses arising from a data breach" that can also include "access to expert advice and services."

Privacy insurance has become more prominent as increases in the scope of federal and state privacy laws "continue to fuel a rise in publicly reported corporate data breach incidents."

Merrill, an Assistant Vice President in the Professional Risk division of ACE USA, warns that not all privacy insurance products are created equal:

While most policies and endorsements address both first-party and third-party exposures, there are often wide differences in coverage terms, conditions, exclusions and financial limits.

Many policies, for instance, may highlight large limits of insurance coverage for statutory notification to the affected parties of a breach and the monitoring of their credit, but fail to provide adequate financial limits or choice among the vendors providing assistance in the aftermath of a data breach.

Thanks to Nina Kallen at Insurance Coverage Law in Massachusetts for the find.