Skip Ribbon Commands
Skip to main content

​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​

 

‭(Hidden)‬ Catalog-Item Reuse
Markets
TAGS

PrivaSure Protects Against Financial Losses of Data Breach

AXIS reimburses companies that suffer a data breach via a policy that responds to the way these events occur. In developing PrivaSure cyber liability, the company compiled what it believes to be the best available coverage concepts in the cyber marketplace.
by
Sponsored by

PRODUCT: PrivaSure cyber liability

COMPANY: AXIS Insurance

BEST RATING: A+ (Superior)

AVAILABILITY: Coverage is available through contracted independent agents and brokers.

FOCUS: AXIS reimburses companies that suffer a data breach via a policy that responds to the way these events occur, according to Paul Miskovich, AXIS global cyber practice leader.

In developing PrivaSure, Miskovich says the company compiled what it believes to be the best available coverage concepts in the cyber marketplace, including the following four features:

1) Because one breach event makes a company vulnerable to others, the company now offers a policy-level aggregate retention, no matter how many events take place. This ensures that policyholders know the largest amount that they will have to pay out of pocket in the event of a breach.

2) The company has added an aggregate first-party retention. “Cyber policies pay first-party expenses like forensic, legal, credit monitoring, notification and fraud response services,” Miskovich says. “In order to ensure clarity, we identified all sublimits and retentions on the declarations page as a sublimit, and we also provide aggregate retention for these coverages.”

3) The policy term is triggered when the breach event is discovered. “This is a significant advantage, because the policyholder may not know when the unauthorized access happened, but still expects coverage to respond if they were unaware of the breach for some time,” Miskovich says. “Discovery is now the trigger.”

4) PrivaSure allows late notice if law enforcement is involved and prohibits the policyholder from notifying the insurer during the investigation.

“If you’re in business and have employees’ social security numbers or addresses on file, much less customers’ personal information, you are at risk,” Miskovich says. “It’s not a matter of ‘if,’ it’s a matter of ‘when.’”

PrivaSure also offers pre-approved service vendors and a 24/7 breach-coach hotline.

UNDERWRITING: Up to $20 million limit capacity, primary or excess; $1,000 minimum retention; 2 million individuals to be covered for crisis management and fraud response services for select accounts.

Coverages include liability arising from accidental release, unauthorized disclosure, theft or loss of protected personal information; liability arising from denial of service attacks or the inability to access websites or computer systems; liability for failure to timely disclose an incident or to comply with insured’s privacy policy; regulatory action defense, fines and penalties coverage including payments to consumer redress funds; punitive damages where allowed by law; and favorable consent to settle clause giving the policyholder more control over settlement. Crisis management and related expenses can be reimbursed or paid on insured’s behalf.

First-party coverages include crisis management expense coverage for enterprise security events written on an occurrence basis with discovery trigger; voluntary notification coverage, as well as call center services; public relations expense, including Web content development, spokesperson training and media talking points; fraud prevention services, including credit monitoring and ID theft insurance services for affected persons; and computer system extortion expense and loss coverage.

Other policy features include aggregate retentions for first-party and liability coverages; blanket additional insured coverage; automatic subsidiary coverage, including newly created or acquired entities; a panel of pre-approved service providers; and a breach coach hotline. Late notice is permitted if legally prohibited from disclosure.

Optional coverage is available for PCI fines and recertification; outside limits crisis management and fraud response for select accounts; website content and content published on social media; business interruption loss; and data restoration.

MINIMUM PREMIUM: $1,000 for $1 million in coverage.

TARGET: All classes of business with $100 million or less in revenues.

COVERAGE TERRITORY: PrivaSure is available in all U.S. states but is currently non-admitted.

CONTACT: Paul Miskovich, global cyber practice leader; AXIS Insurance, 300 Connell Drive, Suite 8000, Berkeley Heights, NJ 07922; 908-508-4339.

Ronimarie Acord is an IA contributor.

12912
Tuesday, June 2, 2020
Cyber Liability