Feb. 1, 2016
In the current information age, law firms routinely store and transmit non-public confidential data. This data can include client, third party or even employee information like Social Security Numbers, credit card numbers, personal identifiable and health information. A data breach can occur as a result of a lost iPad, cell phone, or laptop; a rogue employee, human error, or worse, a coordinated malware attack by hackers intending to hold your computer system and its' data ransom for money. The Verizon 2014 Data Breach Investigations Report covered 63,437 reported security events, with almost 1,400 breaches in every economic sector. Concerning to law firms, is the finding from the Verizon Report "that attacks on “professionals” have grown significantly in recent years with only the finance, retail and public sectors having more data security issues than professionals in 2013."
Even with the most current network security protocols, a data breach can occur. The resulting consequences can include the law firm having to cover forensic expenses, notification expense, public relation expenses to repair reputational damage, and even regulatory investigation defense costs with possible fines and penalties if corrective actions are not taken immediately. These are First Party Expenses that are likely not fully covered (if at all) under a general liability or professional liability insurance policy. Then, what about the law firm’s loss of income during the system outage? A stand-alone Cyber Liability Insurance Policy is essential to any Digital Disaster Recovery Plan.
Even if your Professional Liability Insurer responds to a claim alleging negligence because of your failure to protect a client's confidential information, how quickly are they prepared to step in and contain your first party expenses? These expenses can be substantial.
What you need is a Data Breach Response Team that a specialized Cyber Security Liability Insurer is best able to provide for you. This team includes forensic experts to confirm the incidence of a breach, eliminate it, and repair your network; legal counsel to interpret the most recent data security breach regulations, evaluate your potential liability, lay out a breach response plan; and provide you with experienced breach response communicators to assure regulatory compliance.
Cyber liability insurance protection is no longer an afterthought, it is a complicated, highly customized insurance that law firms need to seriously consider as a necessary business expense in its own right.
Cyber liability insurance policies provide the latest in risk assessment and risk management resources. Proactive versus reactive is extremely important. The ABA in its numerous articles on protecting law firms From Cyber Security Threats recommends the latest firewall protection, essential password - user identity protocols, and encryption for remote devices accessing and transmitting confidential information. A Cyber Liability Insurer will provide you with the resources to help you identify and address network and system vulnerabilities.
Law firms have an ethical and legal obligation to protect the confidential digital information that clients and contracted third parties have entrusted to them to safeguard. The loss of this data can be an eventual cyber breach incident, preparation is needed. The expanded cyber breach regulations impose a duty to maintain up-to-date security measures. Not following these regulations could result in not just claims or lawsuits alleging negligent behavior, but also substantial out-of-pocket expense to the firm to identify a possible data breach, repair it, and reimburse the firm for the legally required notification and credit monitoring expenses. Cyber Liability Insurance brokers are most qualified to give you the necessary tools to combat the ever-evolving cyber security breach landscape and protect your most valuable business asset- your reputation.
Cindy Wiedman, founded Wiedman Insurance Services, LLC (LiabilityPro Insurance Advisors*) August 1, 2014. Cindy is a Registered Professional Liability Underwriter (RPLU) and has designed and administered professional liability insurance programs over a 35-year career working for various insurance administrators in the Midwest such as Shand Morahan & Company, Kirke Van Orsdel, Marsh and Lockton Affinity.
*Currently working with investment advisory businesses domiciled in Iowa, Minnesota, Kansas, Illinois and Nebraska.