Understanding Electronic Data Liability Coverage

Electronic data liability coverage is a type of insurance that protects businesses from financial losses due to data breaches or cyber attacks.

This coverage is essential for businesses that store sensitive customer information, such as credit card numbers or personal identifying information.

Electronic data liability coverage typically includes costs associated with notifying affected customers, providing credit monitoring services, and paying for identity theft protection.

It also covers the cost of investigating and responding to a data breach, which can be a time-consuming and costly process.

A fresh viewpoint: Cyber Insurance Data Breach

Considering electronic data liability coverage might seem like a no-brainer, given the alarming statistics. 43% of American businesses face a cyber-related loss within a two-year period, according to the Ponemon Institute. The average cost paid for each lost or stolen record containing sensitive information is a staggering $201.

The average total cost to American organizations sustaining a privacy breach loss is a whopping $5.9 million. Cyber-related losses often stem from malicious or criminal activity, making up 44% of all losses. It's a sobering thought that many small businesses may not survive a cyber-related loss, with 60% of them going out of business within 6 months.

If you're a small business owner, you might want to take a closer look at the numbers. 40% of all data breaches in 2012 targeted small- to medium-sized businesses with 100 or fewer employees.

Related reading: Average Liability Insurance Coverage

Insurance coverage and limits are crucial aspects of electronic data liability coverage. The ISO form describes two different limits of insurance: the limit of insurance for damages due to a single electronic data incident and the aggregate limit, which is the maximum amount the policy will pay for all such losses.

The limits of insurance apply separately to each consecutive annual period and any remaining period of less than 12 months. This means that if you have a policy period of 12 months, the limits of insurance will apply to each consecutive year.

A deductible may be included in some policies, which reduces the amount the policyholder must pay before the insurance kicks in. For example, if a policy has a deductible of $10,000, the insurance company will only pay out for claims exceeding that amount.

Here are some key facts about insurance coverage and limits:

Cyber liability insurance protects against network security liability, which covers damages and claims expenses arising from an actual or alleged act, error, or omission.

This type of liability coverage is crucial for businesses that rely heavily on technology, as it can help prevent financial losses due to unauthorized access or use of systems.

Network security liability coverage specifically addresses three key areas: unauthorized access or use of systems, inability of authorized third parties to access systems, and transmission of malicious code.

Here are some key claims examples:

Insurance coverage limits are a crucial aspect of any insurance policy. They determine the maximum amount an insurance company will pay for a specific type of loss or damage.

The ISO form describes two different limits of insurance: the limit of insurance per claim and the aggregate limit. The limit of insurance per claim applies to all damages from a single electronic data incident, while the aggregate limit is the maximum amount the policy will pay for all such losses, regardless of the number of losses.

A different take: Business Owner's Policy

These limits apply separately to each consecutive annual period and any remaining period of less than 12 months. If a policy period is extended after issuance, the additional period is deemed part of the last preceding period.

A deductible may be included in some policies, which reduces the amount the policyholder must pay before the insurance company kicks in. However, the deductible amount does not affect the limit of insurance available.

Here's a breakdown of how limits of insurance work in practice:

In some cases, a policy may have a sub-limit of the Coverage A occurrence limit of insurance. This means the sub-limit is a capped limit within the occurrence limit, rather than a separate limit of insurance.

For example, Junior's Janitorial had a liability umbrella coverage form with a $5,000,000 occurrence limit and a $10,000,000 aggregate limit. The electronic data limit was $50,000. In this case, the policy would pay $1,000,000 for the mainframe loss but only $50,000 for the electronic data loss.

Readers also liked: Cyber Insurance Loss Ratios

Most general liability policies exclude cyber liability exposures, so if you have a general liability policy, it's unlikely to cover cyber risks.

If you do have cyber liability coverage in a general liability policy, it's likely to have low limits and won't include expert loss remediation and crisis response expertise or first-party coverage.

Carriers are actively adding exclusionary cyber liability language to future policy updates, so even if you previously had coverage, it may be excluded going forward.

See what others are reading: Does a Liability Only Auto Policy Need Uninsured Motorist Coverage

Specialty or nonstandard policies may not provide the same type of coverage as the ISO form, so may have additional exclusions, such as direct or indirect loss or damage to documents, records, papers, and data processing equipment.

Direct or indirect loss of damage caused by mechanical or electrical breakdown, or by malfunction of hardware, equipment, components, or parts, is also excluded. This can be a significant risk for businesses that rely heavily on technology.

Recommended read: General Liability Fire Damage Coverage

Any delay, loss of market, business interruption, or other consequential loss is excluded from coverage. This means that if a business is unable to operate due to a cyber attack, they may not be covered for the resulting losses.

A revised exclusion, known as the CU 21 86 Coverage A Exclusion, has added coverage for damages that are not the result of physical injury to tangible property. This means that loss of, damage to, corruption of, or inability to access electronic data is covered, as long as it is not caused by physical injury to tangible property.

Here are some examples of exclusions and risks that may not be covered by a general liability policy:

These are just a few examples of the exclusions and risks that may not be covered by a general liability policy.

Damage to electronic data can be a costly affair. The mandatory CU 21 86 Coverage A Exclusion t. Access or Disclosure of Confidential or Personal Information and Data-related Liability has a revised exclusion that's worth noting.

Worth a look: Cyber Insurance War Exclusion

This revised exclusion now covers damages that aren't the result of physical injury to tangible property. In other words, if an insured damages a computer and that damages data stored in that computer, this endorsement covers the damage to the data.

There's a key distinction to be made here: loss of or damage to electronic data caused by physical injury to tangible property is not covered. For example, if a software update causes a data loss, it's likely not eligible for coverage under the policy.

Analawg Analetiks and Picky Poynts Processors illustrate this point. In their client agreement, Analawg agreed to pay Picky up to $75,000 to assist with paying costs to handle loss of data or downtime. However, when Picky installed a corrupted software update, the loss was not eligible for coverage under Analawg's policy.

Here's a summary of the key points:

It's essential to carefully review the policy and any endorsements to understand what's covered and what's not. This will help you avoid unexpected expenses down the line.

As a business owner, you may be unaware of a possible gap in coverage that can leave you vulnerable to financial losses.

Many general liability policies exclude coverage for cyber liability exposures, including losses resulting from data breaches or cyber attacks.

This means that even if you have a general liability policy, it may not provide coverage for the loss of information or the loss of income that a third party may have endured due to a cyber attack.

For example, if you're a plumber digging a trench for pipes and you sever a fiber optic cable, your general liability policy may cover damage to the cable itself, but not the loss of information or the loss of income that the third party may have endured due to the loss of internet access.

Other examples of industries that may be at risk include exterminators, water well drillers, utility companies, landscape contractors, and electrical contractors.

On a similar theme: Public Liability Third Party Insurance

If you're in one of these industries, it's essential to verify that you have the necessary coverage to protect yourself against cyber liability risks.

A Electronic Data Liability Endorsement is available to provide coverage in these instances, but it may require an additional charge.

Here are some examples of scenarios that may result in no coverage for the actual loss, nor for defense costs that accumulate due to a lawsuit:

These are just a few examples of the many scenarios that may result in a gap in coverage.

As a business owner, it's essential to understand the risks you face on a daily basis. Your operation has an exposure to privacy and security losses if you utilize the convenience of digital records or the Internet.

This means that you're vulnerable to cyber liability losses, which can have serious consequences for your business. You may be wondering, "What can I do to mitigate these risks?" The first step is to acknowledge the exposure and take steps to protect your business.

Check this out: Cyber Insurance Losses

The reality is that most businesses today rely on digital records and the Internet, making it a critical area of focus. If you're not taking proactive measures to secure your digital presence, you're putting your business at risk.

You can't afford to ignore the risks, as they can lead to significant financial losses and damage to your reputation. It's time to take control and implement strategies to protect your business from cyber liability losses.

For more insights, see: What Does Liability Insurance Cover If You're Not at Fault