Cyber Liability Insurance is almost mandatory for Law Firms
Law firms handle a lot of private and sensitive data, including third party data, clients’ data, etc when doing business. The truth is that no matter how secure these firms think their data is, there are many ways that credit card numbers, social security numbers, and health information can become compromised. This can happen due to rogue employees, human error, an attack by hackers or many other causes.
Because of these risks, as a law company you need to take all the necessary steps in order to protect the sensitive data you’re using on a daily basis. For instance, if you’re a personal injury firm, then you’ll certainly take credit card payments from your customers. Therefore, you need to do everything you can in order to ensure that information is fully protected. Corporate work that concentrates on an upcoming acquisition or IPO or practices focused on corporate restructuring contain a lot of confidential information of many clients that is (usually) protected under an nondisclosure agreement. Even more, a company that handles medical malpractice or personal injury lawsuits can have a lot of personal health information on their servers.
If this data can be accessed by hackers, then this can have a wide range of negative consequences on the firm, including penalties and fines, regulatory investigations, lawsuits, and even the loss of a great reputation for the company. In order to avoid such nightmarish scenarios, more and more companies buy cyber liability insurance.
These days, law firms handle a lot of non-electronic and electronic information and based on where the company is located and its practice area, the information can range from protected health data, personally identifiable info, but also confidential corporate data like details on acquisitions and mergers, contracts, and intellectual property. If one such company’s systems are breached and hackers gain access to this data, then it can cause a lot of losses and even lawsuits for the company. In some cases, lawsuits may not be filed, but even so, the company will need to pay a lot of money to notify its customers and also incur monetary losses associated with public relations expenses, forensic expenses, penalties and fines, regulatory investigations, and more.
However, it’s not only 3rd party data at risk and there were cases when the company’s proprietary data was wiped out completely. This resulted in a very expensive data restoration and re-creation process. If you want to protect your company from such breaches, then it’s highly recommended that you buy adequate coverage.
While cyber risks policies were introduced in the nineties, in the past several years the demand for cyber liability coverage has increased dramatically. Many companies, including retailers and large corporations buy cyber insurance coverage in order to protect themselves against the losses associated with cyber attacks. When it comes to law firms, it seems they’re not yet aware of how important this coverage actually is for their business’ wellbeing.
While many law firms don’t really have cyber liability coverage, many of them will buy it in the next several years as potential exposure will become clearer.
Over the past 2 years, there’s been a great increase in the number of companies that bought cyber liability coverage. While America is not yet at the point where it can say this type of insurance policy is as popular and common as other types of insurance, it’s slowly, but surely heading towards that degree of popularity. Many companies these days consult their customers on regulatory and privacy issues and at the same time, those very customers want to know how the companies they use and give their personal information to protect, store and use it. Given the fact that there’s a lot of awareness around this topic, it’s only natural that law firms take the required steps in order to make sure that they’re properly covered in the event the sensitive data on their servers is compromised.
One of the main questions law firms need to ask is what cyber risks or data breaches aren’t or are covered when they purchase a standard LPL. When it comes to the standard LPL though, it doesn’t actually cover a lot of data breaches. One of the main questions law firms need to ask is whether their lawyers’ liability protection policy has out of pocket costs or affirmative coverage grants for loss of third party and client data associated with responding to the incident.
Cyber liability insurance policies – An absolute must
Law firms should seriously consider buying cyber liability insurance policies given the risks they’re undertake on a daily basis by processing highly sensitive data. Cyber policy coverage provides them a great later of protection that effectively helps them minimize the impact of security breaches. When it comes to cyber risks, there is (unfortunately) no silver bullet, so that’s why these firms need to be very dynamic in their approach to internet risk. Also, this process needs to encompass not only technology, policies, and people, but also insurance solutions.
Even more, certain carriers will also offer risk management services on top of the standard insurance policy and the former can be effectively used by firms in order to protect themselves against such exposures. Lastly, those who buy this type of insurance can access a built-in network of legal counsel, PR companies, and IT experts which brings a massive amount of value to their coverage.
The majority of carriers offer a wide range of coverage types and the good news is that they can be considered based on the needs of the insured. There are 2 main categories that coverage falls into, including first party and third party. First party addresses the expenses and costs the insured party incurs due to security failures. The policy will therefore cover the costs associated with dealing with the failure, such as lost income caused to the insured, forensic expenses, costs of investigating the failure, but also credit monitoring and notifications. Secondly, third party coverage protects the insured against legal liability caused by security failures. This usually leads to penalties and fines from regulatory actions.
According to the majority of cyber insurance experts, cyber policies offer services and benefits that aren’t currently provided by LPL policies. If you’re a law firm, then you need to take a very close look at your Lawyers Liability Protection policy in order to understand the exact services it provides and what it covers.
With a cyber policy you also get post and pre breach services that aren’t usually covered by LPL policies. However, the most important reason why you should buy a cyber insurance policy has to do with your exposure. More and more law firms become victims of data breaches and in the next several years, the number of lawsuits filed against them is only going to increase.