Presentation on theme: "What you need to know about Tech E&O Claims & Information Risk."— Presentation transcript:
What you need to know about Tech E&O Claims & Information Risk
Presentation Objectives 2 The Technology Business Sector faces distinct liability issues that require customized risk management solutions. Errors & Omissions – What is it? – Discuss situations that could lead to an E&O claim for a Tech professional Information Risk – Understand legal and regulatory implications of a data breach where personally identifiable information of clients may be at risk
Technology Environment/Trends 3 Why does the Technology Sector Face Unique Risk Exposures? Tech universe is fueled by 80% small firms with less than $20M in revenue Global risks from inception with international revenue expected to exceed 49% in three years- Networks & Businesses today are borderless Continuous innovation Size and complexity of Tech risks drive customized E&O/Info Risk solutions
Technology Errors & Omissions 4 What is Errors & Omissions? Covers the financial loss suffered by your client when the product or services your company provided fails Covers a wrongful act: any actual or alleged act, error, omission, neglect, breach of duty; 1. Committed solely in the conduct of your work 2. Resulting in the failure of your product to perform the function or serve the purpose intended
Technology Errors & Omissions 5 PROPERTY BUSINESS INTERRUPTION GENERAL LIABILITY ERRORS & OMISSIONS Property Exposures Liability Exposures Bodily Injury or Physical Damage Financial Loss
Why Does a Tech Company Need E&O? 6 The General Liability policy excludes many tech liability issues – Intangible property damage or financial loss – Professional exposures – No coverage for programming errors, contract performance disputes or issues related to data corruption Differentiator against competitor Frequent contract requirement Personal Protection Defense Costs
Why Does a Tech Company Need E&O? (cont.) 7 Things go wrong and clients sue – Lack of communication between insured and client – Inability to pay for work performed – Client is acquired, new parents doesnt like the technology – Vendor oversells capabilities – Ownership of developed software is not clearly defined
Technology E&O Claims: RED FLAGS 9 Watch for clues that there may be an E&O claim lurking… Missing deadlines Not hitting milestones Few large clients/contracts- dependency Contracts become extremely important!
I Think I See a Potential E&O… 10 What should you do if you learn of a situation that you think might give rise to an E&O Claim? Report as soon as you think there may be a situation! No penalty for reporting With some companies (like CNA) reporting will enable your company to benefit from free pre-claim assistance
Information Risk (Cyber Liability) 11 Third Party Risks: Your Responsibility to Others: LIABILITY Network Security Privacy Injury Liability Need to comply with State Breach Laws Regulatory Fines & Penalties Crisis Management First Party Risks: WHAT CAN HAPPEN TO YOU Loss of Data Network Extortion Loss of Business Income Electronic Theft
Hazards that Cause Information Risk Losses 12 Virus/Malicious code Denial of service attacks Hacker attacks/unauthorized access Malicious Hardware No Tech/Low Tech Threats: Physical theft of device/media Accidental release Rogue employees Social engineering Trivia: Define Phishing?
Claims Trivia #1 14 The Retailer A mid-sized technology company hosts Web sites for retailers. A high fashion boutique relies on Web site availability to generate e-commerce income. The technology companys site is disrupted by a virus. The boutiques ability to generate income is disrupted. They sue the tech company to recover lost income.
Trivia Answers …where could the company find coverage? 15 A.Information Risk Policy B.Errors & Omissions Policy C.General Liability Policy D.Social Engineering- Info Risk Policy E.None of the Above
Claims Trivia #2 16 The Non-Profit A non-profit charity accepts donations charged to the donors credit card. Donations are accepted by phone or via the Internet. In some cases, donors authorize the charity to charge a small recurring monthly donation to the donors credit or debit card. The charity retains donor information, including credit card numbers, to support pre-authorized recurring donations. A hacker penetrates the charitys network security and copies the retained card data. The hacker sells the information to an ID theft ring. Later, the stolen information is used to withdraw funds from donors bank accounts. The donors sue the charity to recover stolen funds and the cost to repair their credit history.
Trivia Answers …where could the company find coverage? 17 A.Information Risk Policy B.Errors & Omissions Policy C.General Liability Policy D.Social Engineering- Info Risk Policy E.None of the Above
Claims Trivia #3 18 Hartford Hospital Breach- July 26, 2012 Hartford Hospital in CT announced a breach of protected health information caused by a business associate and affecting 9,558 patients. Unencrypted laptop containing PII of Hartford patients was stolen from the home of an employee of a firm called Greenplum, which is a subsidiary of one of the hospitals vendors, EMC Corp. Greenplum was performing data analysis for EMC on behalf of the hospital as part of a quality improvement project related to hospital readmissions)
Trivia Answers …where could the company find coverage? 19 A.Information Risk Policy B.Errors & Omissions Policy C.General Liability Policy D.Social Engineering- Info Risk Policy E.None of the Above
Claims Trivia #4 20 Tech Equipment Installation While in the process of installing new cable for a voice over IP system in an office building there is damage to the roof structure which later results in a roof leak. Two weeks later the customer suffers significant property damage to their server because the roof leaks in the IT room during an overnight storm.
Trivia Answers …where could the company find coverage? 21 A.Information Risk Policy B.Errors & Omissions Policy C.General Liability Policy D.Social Engineering- Info Risk Policy E.None of the Above
Claims Trivia #5 22 Wal-Mart Hack- July2012 Wal-Mart store manager in small military town in Canada receives urgent phone call from Gary Darnell in the home office in Bentonville, Ark. Darnell told the manager Wal-Mart had a multi-million dollar opportunity to win a major government contract, and that he was assigned to visit the handful of Wal-Mart stores picked as likely pilot spots. First he needed to get a complete picture of the stores operations. He would also need to know the make and version numbers of the computers operating system, Web browser and antivirus software. In 10 minutes, the thief had pried secrets loose from one of Americas biggest and most guarded corporations. Darnell is actually Shane MacDougall- now champion of this years social engineering capture the flag contest at the annual Defcon conference
Trivia Answers …where could the company find coverage? 23 A.Information Risk Policy B.Errors & Omissions Policy C.General Liability Policy D.Social Engineering- Info Risk Policy E.None of the Above
Claims Trivia #6 24 Switch Fails to Perform A digital telecommunications switch performed erratically, causing a IT Support provider to suffer a significant loss of revenue and reputation when their customers were cut off mid-conversation. The IT Support Company sued the switch manufacturer and settled for $8 million.
Trivia Answers …where could the company find coverage? 25 A.Information Risk Policy B.Errors & Omissions Policy C.General Liability Policy D.Social Engineering- Info Risk Policy E.None of the Above
Your consent to our cookies if you continue to use this website.