Data Compromise

Data Compromise Coverage

HSB’s Data Compromise coverage helps small and medium sized businesses respond to the financial burden and service obligations of a data breach.  Businesses and institutions have a responsibility to safeguard the data of clients, employees and others.   Small and mid-sized companies are vulnerable to data breaches by computer hackers, thieves and dishonest employees or data can be lost through an accidental or inadvertent release.  Yet many businesses lack the resources to respond effectively.

Coverage Summary 

HSB’s Data Compromise coverage is designed to help small and mid-sized businesses investigate a data breach, notify individuals, and provide credit monitoring, case management and other services that help prevent identity theft and fraud following a breach of personal identifying information.  It pays for the following types of expenses:

  • Legal review of notification obligations;
  • Help to find who was affected by the breach and how to notify them;
  • Preparation of notification letters;
  • Toll free help line;
  • Credit monitoring for affected persons;
  • Identity restoration case management for identity theft victims.

 

In addition, HSB also now offers optional legal defense cost and liability coverage as part of the program to protect businesses from lawsuits filed by consumers upset about a data breach when their private information is exposed.

States Mandate Breach Notifications 

With so much personal information stored in paper files, computer networks, laptops and flash drives, the risk of a data breach is increasing.  Forty-six states have enacted "breach notification" laws requiring a company to notify individuals when their personal, non-public information is revealed and it can cost thousands of dollars to respond.  Generally, these laws mandate expedient notification “without unreasonable delay” and many statutes impose civil or criminal penalties for failure to promptly disclose.  More importantly, the damage to a company’s sales and reputation depends on the actions it takes in response to a data breach. 

Business Obligations 

Virtually all organizations collect and retain data about individuals.  In today’s environment, a business that experiences a data breach needs to protect itself from both the cost of the response and the risk to its own reputation. The business must be able to notify all parties that were affected by the breach, effectively communicate the scope of the possible damage, and provide credit monitoring assistance and identity restoration case management to those affected by the breach. HSB’s Data Compromise program covers these costs and service components.

Data Compromise coverage is available as a turnkey reinsurance program through select HSB partner insurers.  Most classes of business are eligible for the program but there are some ineligible classes.