A recent report indicated there have been almost 200 high profile data breaches this year, resulting in the exposure of over 13 million records. Among the information released was social security numbers, bank account numbers, patient and medical information, and other personal data. In addition to these large scale breaches, breaches on a smaller scale occur daily, from employees accessing and misusing electronic information stored by their employers to students utilizing Facebook posts to bully. These breaches clearly raise privacy concerns and cause headaches and in some cases heartache for the individuals whose information was disseminated. But the breaches also create serious liabilities for the entities that were entrusted to secure the information and for the persons who accessed it.
An emerging and evolving issue concerning data breaches and other cyber crimes is the availability of insurance coverage for the persons bearing responsibility for the release and improper use of the information. Courts struggle with applying traditional CGL policies to cyber losses, and insurers are responding with a variety of new products. The availability of coverage, both under traditional policies and under more recently developed policies, is a topic that will be discussed at the DRI Insurance Law Committee’s Insurance Coverage and Practice Symposium. Please join us in New York City, December 6-7, for more discussion about this topic.