PRODUCT: Information Security and Privacy product and Beazley Breach Response

COMPANY: Beazley Insurance. Co. (admitted)/Lloyd’s Syndicate 2623 and 623 (non-admitted)

BEST RATING: A

AVAILABILITY: Beazley does business through appointed brokers.

FOCUS: Beazley sees positive results entering its second year with the enhanced Beazley Breach Response (BBR) policy and broadened data breach protection services. The specialty insurer continues to see increased interest in BBR, says Aaron Basilius, counsel for Beazley’s technology, media and business group. Basilius points to BBR’s broad cyber liability protection as a major driver of interest, thanks to its outside-of-limits breach response coverage for up to 5 million individuals, in addition to coverage for third-party claims of up to $15 million. Basilius adds that Beazley utilizes an in-house breach response team to work with policyholders and that its breach response team helps insureds with legal, forensic, notification, call center and credit and identity monitoring services. Deductibles for breach response services begin at $2,500.

UNDERWRITING: Beazley sells two cyber liability primary policies in the U.S. One is a traditional Information Security and Privacy policy, and the other is Beazley Breach Response. Information Security and Privacy tends to serve companies with more than $4 billion in revenues. BBR stacks up as an insurance- and service-based offering that responds to data breaches for managing wrongful access, credit monitoring, forensics and customer notification. Neither addresses technology professional liability without a specific endorsement.

Both policies cover regulatory fines reimbursement and privacy notification costs, and provide first- and third-party network security coverage, including network breaches, denial of service, viruses/worms and malware. Both also cover privacy liability that addresses unauthorized releases of medical or financial records and similar personal information; extortion threats; and crisis management services. They can also back first-party exposures, including business interruption and lost data or data destruction.

Per-claim and aggregate limits can reach $20 million for Information Security and Privacy. BBR covers the costs of notifying and presenting credit monitoring services to as many as 5 million people involved in a covered breach event, with separate limits applying to third-party claims. Individual risk characteristics determine whether policies appear on admitted or non-admitted company paper. Punitive damages are covered where allowed by state law. Defense costs are within policy limits with both policies.

MINIMUM PREMIUM: Varies by risk.

TARGET: Underwriters maintain a broad appetite, including virtually any privately held or public company that has data privacy or personal information security exposure.

COVERAGE TERRITORY: Worldwide.

CONTACT: Mike Donovan, focus group leader for technology, media and business services liability insurance; Beazley Group, 101 California Street, Suite 1850, San Francisco, CA 94111; 415-263-4050. 

Ron Lent is an IA contributor.