Image

 

Beazley Breach Response

INFORMATION SECURITY & PRIVACY INSURANCE

WITH BREACH RESPONSE SERVICES

NOTICE: INSURING AGREEMENTS I.A., I.C. AND I.D. OF THIS POLICY PROVIDE COVERAGE ON A CLAIMS MADE AND REPORTED BASIS AND APPLY ONLY TO CLAIMS FIRST MADE AGAINST THE INSURED DURING THE POLICY PERIOD OR THE OPTIONAL EXTENSION PERIOD (IF APPLICABLE) AND REPORTED TO THE UNDERWRITERS DURING THE POLICY PERIOD OR AS OTHERWISE PROVIDED IN CLAUSE X. OF THIS POLICY. AMOUNTS INCURRED AS CLAIMS EXPENSES UNDER THIS POLICY SHALL REDUCE AND MAY EXHAUST THE LIMIT OF LIABILITY AND ARE SUBJECT TO RETENTIONS.

 

INSURING AGREEMENT I.B. OF THE POLICY PROVIDES COVERAGE ON AN INCIDENT DISCOVERED AND REPORTED BASIS; COVERAGE UNDER SUCH INSURING AGREEMENT APPLIES ONLY TO INCIDENTS FIRST DISCOVERED BY THE INSURED AND REPORTED TO THE UNDERWRITERS DURING THE POLICY PERIOD.

 

PLEASE READ THIS POLICY CAREFULLY.

Limits Profile and Coverage Highlights

A. Policy Aggregate Limit of Liability

For all DamagesClaims Expenses, Penalties and PCI Fines, Expenses and Costs:

But sublimited to:

Option 1:    $500,000

 Option 2:  $1,000,000

Aggregate sublimit of liability applicable to Insuring Agreement C. (Regulatory)

Option 1: $100,000

Option 2: $250,000

Aggregate sublimit applicable to Insuring Agreement E. (PCI Fines, Expenses and Costs):

Option 1: $100,000

Option 2: $250,000

Each Claim Retention:

Options 1 & 2:

$2,500

B. Limit of Coverage for Beazley Breach Response Services

Notified Individuals Limit of Coverage:

A sublimit of up to 10% of the Notified Individuals Limit of Coverage applies to Notified Individuals residing outside of the United States, which amount is part of and not in addition to the Notified Individuals Limit of Coverage

Option 1: 25,000 

Option 2: 50,000 

Notified Individuals in the aggregate

Aggregate Limit of Coverage for all Computer Expert ServicesLegal Services and Public Relations and Crisis Management Expenses combined:

Option 1: $100,000 

Option 2: $250,000

Coverage for all Privacy Breach Response Services is separate from and in addition to the Policy Aggregate Limit of Liability.

Privacy Breach Response Services Threshold and Retention

Notification Services, Call Center Services, and Breach Resolution and Mitigation Services for each incident involving at least:

100 Notified Individuals 

 

Retention applicable to Computer Expert Services, Legal Services and Public Relationsand Crisis Management Expenses:

$2,500 combined, but $2,500 for Legal Services (which retention is part of and not in addition to the combined retention) 

 

 

Please click on "> Authorized Officer" to open section

Authorized Officer

The officer of the Applicant that is designated to receive any and all notices from the Insurer or its authorized representative(s) concerning this insurance.

 

Please click on "> Breach Response Contact" to open section

Breach Response Contact

You or the employee of the Applicant that is designated to manage a response, including consumer notification, in response to a data breach event.

Questions about Exposure Base

This application has 5 sets of questions that will provide the information that determine your qualification for this program instantly. This first set of 3 questions are information about your business. Overview of questions are about revenue amount, number of employees and what type of business. The next set of questions are in regard to Information security and privacy controls.

For rating purposes only, Full time employees = over 30 hours per week. 1 Part time employee = .5 employee

 

The answers provided preclude an offer for protection without further review. However, please use this application to submit to the Program Administrator who may request additional information and may offer alternative non-standard limits, retentions and/or other program options. 

Risks over 50 employees and/or $5,000,000 in revenues are not eligible for automated calculation. Please complete the questions and submit this form for special  underwriting. Underwriters may offer alternative attachment points and different rates. You may be requested to provide additional information. 

 

Preview of your Premium Options:

You will be given the chance to choose the option you want later in the application.

 

Option 1 (Limit $500,000)

Option 2 (Limit $1,000,000)

Questions about Information Security and Privacy Controls

These 4 questions are related to your system’s security, termination of access and accounts for employees exiting the company, use of credit cards and data encryption. The following set of questions will ask about website content control.

1. Does the Applicant use commercially available Firewall protection and Anti-Virus Protection

2. Does the Applicant terminate all associated computer access and user accounts as part of the regular exit process when an employee leaves the company? 

3. Does the Applicant accept credit cards for goods sold or services rendered?

A. Please state the Applicant's approximate percentage of revenues from credit card transactions in the most recent twelve (12) months:

B. Is the Applicant compliant with applicable data security standards issued by financial institutions the Applicant transacts business with (e.g. PCI standards)? 

Your answer to this question requires that we exclude PCI compliance coverage. Your policy will not  respond to PCI fines or fees assessed in the case of a credit card breach.

4. Does the Applicant have and enforce policies regarding the encryption of data stored on backup tapes, online backup services, portable computers and portable media devices

Because you have not encrypted your data, a portable media exclusion will be added to you policy. You will not have coverage if there is a breach involving your use of these types of devices.

The answers provided preclude an offer for protection without further review. However, please use this application to submit to the Program Administrator who may request additional information and may offer alternative non-standard limits, retentions and/or other program options. 

Questions about Website Content Controls

This set of 3 questions are related to your company’s website content.  The questions will ask you if certain procedures and reviews for your website content.  The next set of questions will ask about Prior Insurance.

1. Does the Applicant have a procedure for responding to allegations that content created, displayed or published by the Applicant is libelous, infringing, or in violation of a third party's privacy rights?

2. Does the Applicant have a process to review all content prior to posting on the Insured's Internet Site to avoid the posting of improper or infringing content?

3. Within the last three (3) years, has the Applicant ever received a complaint or cease and desist demand alleging trademark, copyright, invasion of privacy, or defamation with regard to any content published, displayed or distributed by or on behalf of the Applicant?

The answers provided preclude an offer for protection without further review. However, please use this application to submit to the Program Administrator who may request additional information and may offer alternative non-standard limits, retentions and/or other program options. 

Questions about Prior Insurance

This set of 2 questions are going to be about whether or not you have current insurance coverage for media, privacy or network security exposures and whether or not you have been declined or cancelled for such insurance.  The next set of questions will go over prior claims and circumstances

1. Does the Applicant currently have insurance in place covering media, privacy or network security exposures?

2. Has any professional liability, privacy, network security or media insurance ever been declined or cancelled?

The answers provided preclude an offer for protection without further review. However, please use this application to submit to the Program Administrator who may request additional information and may offer alternative non-standard limits, retentions and/or other program options. 

Questions about Prior Claims and Circumstances

This final set of 5 questions will ask you about if anyone in your company has information that may give risk to a claim. The questions will ask whether or not your company has had past claims or circumstances. The next section will allow you to choose your premium option If you qualify for coverage for this program.

1. Does the Applicant or other proposed insured, or any director, officer or employee of the Applicant or other proposed insured have knowledge of or information regarding any fact, circumstance, situation, event or transaction that may give risk to a claim or loss obligation to provide breach notification under the proposed insurance?

2. During the last 5 years has the Applicant:

A. Received and claims or complaints with respect to privacy, breach of information or network security, unauthorized disclosure of information, or defamation or content infringement?

B. Been subject to any government action, investigation or subpoena regarding any alleged violation of any law or regulation?

C. Notified consumers or any other third party of a data incident involving the Applicant?

D. Experienced an actual or attempted extortion demand with respect to its computer systems?

A "Yes" answer on any of the claims questions prevents the automatic calculation of an indicated 
premium. Please print and submit this form with additional claims information for special underwriting.

Premium Options

You are qualified to receive coverage under this program. Please choose one of the premium options

This document provides a non legally binding indication of potential pricing, based on the information you have provided within this
application. The Company gives no representation, warranty or confirmation of protection being granted. All risks must be agreed by the
 Company in writing prior to any coverage being granted.

  • If you choose "Yes", please submit this application to the Program Administrator and, if accepted, issue a confirmation of my enrollment and a certificate/policy.
 
  • If you choose "No", you agree to the following:

    I understand that I have a potential exposure to a serious financial loss that is not covered by other types of Insurance.

 

NOTICE TO APPLICANTS: ANY PERSON WHO KNOWINGLY AND WITH INTENT TO DEFRAUD ANY INSURANCE COMPANY OR OTHER PERSON FILES AN APPLICATION FOR INSURANCE OR STATEMENT OF CLAIM CONTAINING ANY MATERIALLY FALSE INFORMATION OR, CONCEALS, FOR THE PURPOSE OF MISLEADING, INFORMATION CONCERNING ANY FACT MATERIAL THERETO, COMMITS A FRAUDULENT ACT, WHICH IS A CRIME AND MAY SUBJECT SUCH PERSON TO CRIMINAL AND CIVIL PENALTIES.

NOTICE TO ARKANSAS, NEW MEXICO AND WEST VIRGINIA APPLICANTS: ANY PERSON WHO KNOWINGLY PRESENTS A FALSE OR FRAUDULENT CLAIM FOR PAYMENT OF A LOSS OR BENEFIT, OR KNOWINGLY PRESENTS FALSE INFORMATION IN AN APPLICATION FOR INSURANCE IS GUILTY OF A CRIME AND MAY BE SUBJECT TO FINES AND CONFINEMENT IN PRISON.

NOTICE TO COLORADO APPLICANTS: IT IS UNLAWFUL TO KNOWINGLY PROVIDE FALSE, INCOMPLETE, OR MISLEADING FACTS OR INFORMATION TO AN INSURANCE COMPANY FOR THE PURPOSE OF DEFRAUDING OR ATTEMPTING TO DEFRAUD THE COMPANY. PENALTIES MAY INCLUDE IMPRISONMENT, FINES, DENIAL OF INSURANCE, AND CIVIL DAMAGES. ANY INSURANCE COMPANY OR AGENT OF AN INSURANCE COMPANY WHO KNOWINGLY PROVIDES FALSE, INCOMPLETE, OR MISLEADING FACTS OR INFORMATION TO A POLICYHOLDER OR CLAIMANT FOR THE PURPOSE OF DEFRAUDING OR ATTEMPTING TO DEFRAUD THE POLICYHOLDER OR CLAIMANT WITH REGARD TO A SETTLEMENT OR AWARD PAYABLE FROM INSURANCE PROCEEDS SHALL BE REPORTED TO THE COLORADO DIVISION OF INSURANCE WITHIN THE DEPARTMENT OF REGULATORY AUTHORITIES.

NOTICE TO DISTRICT OF COLUMBIA APPLICANTS: WARNING: IT IS A CRIME TO PROVIDE FALSE OR MISLEADING INFORMATION TO AN INSURER FOR THE PURPOSE OF DEFRAUDING THE INSURER OR ANY OTHER PERSON. PENALTIES INCLUDE IMPRISONMENT AND/OR FINES. IN ADDITION, AN INSURER MAY DENY INSURANCE BENEFITS IF FALSE INFORMATION MATERIALLY RELATED TO A CLAIM WAS PROVIDED BY THE APPLICANT.

NOTICE TO FLORIDA APPLICANTS: ANY PERSON WHO KNOWINGLY AND WITH INTENT TO INJURE, DEFRAUD, OR DECEIVE ANY INSURER FILES A STATEMENT OF CLAIM OR AN APPLICATION CONTAINING ANY FALSE, INCOMPLETE OR MISLEADING INFORMATION IS GUILTY OF A FELONY IN THE THIRD DEGREE.

NOTICE TO KANSAS APPLICANTS: ANY PERSON WHO KNOWINGLY AND WITH INTENT TO DEFRAUD, PRESENTS, CAUSES TO BE PRESENTED OR PREPARED WITH KNOWEDLGE OR BELIEF THAT IT WILL BE PRESENTED TO OR BY AN INSURER, PURPORTED INSURER, BROKER OR ANY AGENT THEREOF, ANY WRITTEN STATEMENT AS PART OF, OR IN SUPPORT OF, AN APPLICATION FOR THE ISSUANCE OF, OR THE RATING OF AN INSURANCE POLICY FOR PERSONAL OR COMMERCIAL INSURANCE, OR A CLAIM FOR PAYMENT OR OTHER BENEFIT PURSUANT TO AN INSURANCE POLICY FOR COMMERCIAL OR PERSONAL INSURANCE WHICH SUCH PERSON KNOWS TO CONTAIN MATERIAL FALSE INFORMATION CONCERNING ANY FACT MATERIAL THERETO; OR CONCEALS, FOR THE PURPOSE OF MISLEADING, INFORMATION CONCERNING ANY FACT MATERIAL THERETO COMMITS A FRAUDULENT INSURANCE ACT.

NOTICE TO KENTUCKY APPLICANTS: ANY PERSON WHO KNOWINGLY AND WITH INTENT TO DEFRAUD ANY INSURANCE COMPANY OR OTHER PERSON FILES AN APPLICATION FOR INSURANCE CONTAINING ANY MATERIALLY FALSE INFORMATION, OR CONCEALS FOR THE PURPOSE OF MISLEADING, INFORMATION CONCERNING ANY FACT MATERIAL THERETO, COMMITS A FRAUDULENT INSURANCE ACT, WHICH IS A CRIME.

NOTICE TO LOUISIANA APPLICANTS: ANY PERSON WHO KNOWINGLY PRESENTS A FALSE OR FRAUDULENT CLAIM FOR PAYMENT OF A LOSS OR BENEFIT OR KNOWINGLY PRESENTS FALSE INFORMATION IN AN APPLICATION FOR INSURANCE IS GUILTY OF A CRIME AND MAY BE SUBJECT TO FINES AND CONFINEMENT IN PRISON.

NOTICE TO MAINE APPLICANTS: IT IS A CRIME TO KNOWINGLY PROVIDE FALSE, INCOMPLETE OR MISLEADING INFORMATION TO AN INSURANCE COMPANY FOR THE PURPOSE OF DEFRAUDING THE COMPANY. PENALTIES MAY INCLUDE IMPRISONMENT, FINES OR A DENIAL OF INSURANCE BENEFITS.

NOTICE TO MARYLAND APPLICANTS: ANY PERSON WHO KNOWINGLY AND WILLFULLY PRESENTS A FALSE OR FRAUDULENT CLAIM FOR PAYMENT OF A LOSS OR BENEFIT OR WHO KNOWINGLY AND WILLFULLY PRESENTS FALSE INFORMATION IN AN APPLICATION FOR INSURANCE IS GUILTY OF A CRIME AND MAY BE SUBJECT TO FINES AND CONFINEMENT IN PRISON.

NOTICE TO MINNESOTA APPLICANTS: A PERSON WHO FILES A CLAIM WITH INTENT TO DEFRAUD OR HELPS COMMIT A FRAUD AGAINST AN INSURER IS GUILTY OF A CRIME.

NOTICE TO NEW JERSEY APPLICANTS: ANY PERSON WHO INCLUDES ANY FALSE OR MISLEADING INFORMATION ON AN APPLICATION FOR AN INSURANCE POLICY IS SUBJECT TO CRIMINAL AND CIVIL PENALTIES.

NOTICE TO NEW YORK APPLICANTS: ANY PERSON WHO KNOWINGLY AND WITH INTENT TO DEFRAUD ANY INSURANCE COMPANY OR OTHER PERSON FILES AN APPLICATION FOR INSURANCE OR STATEMENT OF CLAIM CONTAINING ANY MATERIALLY FALSE INFORMATION, OR CONCEALS FOR THE PURPOSE OF MISLEADING, INFORMATION CONCERNING ANY FACT MATERIAL THERETO, COMMITS A FRAUDULENT INSURANCE ACT, WHICH IS A CRIME, AND SHALL ALSO BE SUBJECT TO A CIVIL PENALTY NOT TO EXCEED FIVE THOUSAND DOLLARS AND THE STATED VALUE OF THE CLAIM FOR EACH SUCH VIOLATION.

NOTICE TO OHIO APPLICANTS: ANY PERSON WHO, WITH INTENT TO DEFRAUD OR KNOWING THAT HE IS FACILITATING A FRAUD AGAINST AN INSURER, SUBMITS AN APPLICATION OR FILES A CLAIM CONTAINING A FALSE OR DECEPTIVE STATEMENT IS GUILTY OF INSURANCE FRAUD.

NOTICE TO OKLAHOMA APPLICANTS: WARNING: ANY PERSON WHO KNOWINGLY, AND WITH INTENT TO INJURE, DEFRAUD OR DECEIVE ANY INSURER, MAKES ANY CLAIM FOR THE PROCEEDS OF AN INSURANCE POLICY CONTAINING ANY FALSE, INCOMPLETE OR MISLEADING INFORMATION IS GUILTY OF A FELONY (365:15-1-10, 36 §3613.1).

NOTICE TO OREGON APPLICANTS: ANY PERSON WHO KNOWINGLY AND WITH INTENT TO DEFRAUD ANY INSURANCE COMPANY OR OTHER PERSON FILES AN APPLICATION FOR INSURANCE OR STATEMENT OF CLAIM CONTAINING ANY MATERIALLY FALSE INFORMATION OR, CONCEALS, FOR THE PURPOSE OF MISLEADING, INFORMATION CONCERNING ANY FACT MATERIAL THERETO, COMMITS A FRAUDULENT ACT, WHICH MAY BE A CRIME AND MAY SUBJECT SUCH PERSON TO CRIMINAL AND CIVIL PENALTIES.

NOTICE TO PENNSYLVANIA APPLICANTS: ANY PERSON WHO KNOWINGLY AND WITH INTENT TO DEFRAUD ANY INSURANCE COMPANY OR OTHER PERSON FILES AN APPLICATION FOR INSURANCE OR STATEMENT OF CLAIM CONTAINING ANY MATERIALLY FALSE INFORMATION OR CONCEALS FOR THE PURPOSE OF MISLEADING, INFORMATION CONCERNING ANY FACT MATERIAL THERETO COMMITS A FRAUDULENT INSURANCE ACT, WHICH IS A CRIME AND SUBJECTS SUCH PERSON TO CRIMINAL AND CIVIL PENALTIES.

NOTICE TO TENNESSEE, VIRGINIA AND WASHINGTON APPLICANTS: IT IS A CRIME TO KNOWINGLY PROVIDE FALSE, INCOMPLETE OR MISLEADING INFORMATION TO AN INSURANCE COMPANY FOR THE PURPOSE OF DEFRAUDING THE COMPANY. PENALTIES INCLUDE IMPRISONMENT, FINES AND DENIAL OF INSURANCE BENEFITS.

NOTICE TO VERMONT APPLICANTS: ANY PERSON WHO KNOWINGLY AND WITH INTENT TO DEFRAUD ANY INSURANCE COMPANY OR OTHER PERSON FILES AN APPLICATION FOR INSURANCE OR STATEMENT OF CLAIM CONTAINING ANY MATERIALLY FALSE INFORMATION OR, CONCEALS, FOR THE PURPOSE OF MISLEADING, INFORMATION CONCERNING ANY FACT MATERIAL THERETO, COMMITS A FRAUDULENT ACT, WHICH MAY BE A CRIME AND MAY SUBJECT SUCH PERSON TO CRIMINAL AND CIVIL PENALTIES.

THE UNDERSIGNED IS AUTHORIZED BY THE APPLICANT AND DECLARES THAT THE STATEMENTS SET FORTH HEREIN ARE TRUE. THE UNDERSIGNED AGREES THAT IF THE INFORMATION SUPPLIED ON THIS APPLICATION CHANGES BETWEEN THE DATE OF THIS APPLICATION AND THE EFFECTIVE DATE OF THE PROGRAM AND/OR INSURANCE, HE/SHE WILL, IN ORDER FOR THE INFORMATION TO BE ACCURATE ON THE EFFECTIVE DATE OF THE PROGRAM AND/OR INSURANCE, IMMEDIATELY NOTIFY THE PROGRAM ADMINISTRATOR OR INSURER OF SUCH CHANGES, AND THE PROGRAM ADMINISTRATOR OR INSURER MAY WITHDRAW OR MODIFY ANY OUTSTANDING QUOTATIONS OR AUTHORIZATIONS OR AGREEMENTS TO BIND THE PROGRAM AND/OR INSURANCE.
 
 
SIGNING OF THIS APPLICATION DOES NOT BIND THE APPLICANT OR THE INSURER TO COMPLETE THE INSURANCE, BUT IT IS AGREED THAT THIS APPLICATION SHALL BE THE BASIS OF THE CONTRACT SHOULD A POLICY BE ISSUED, AND IT WILL BECOME PART OF THE POLICY.
 
ALL WRITTEN STATEMENTS AND MATERIALS FURNISHED TO THE INSURER IN CONJUNCTION WITH THIS APPLICATION ARE HEREBY INCORPORATED BY REFERENCE INTO THIS APPLICATION AND MADE A PART HEREOF. THIS APPLICATION IS ATTACHED TO THE POLICY AT THE TIME OF ITS DELIVERY. PROVIDED, HOWEVER, THIS PARAGRAPH DOES NOT APPLY IN THE STATE OF UTAH. 
 
Furthermore, and in respect of additional and related program deliverables, the undersigned declares that he/she understands and agrees to all of the terms and conditions provided in the Customer Agreement located at: http:// biz.identityfraud.com/pages/customer-agreement and to the following statement: In respect of the Data Risk Liability insurance, I acknowledge that the coverage is provided on a "claims made" basis. I also specifically confirm that I will or that I have read, understood and agree to my state insurance disclosure, which relates to Excess and/or Surplus Lines insurance, which in summary, states the insurance company with which the Data Risk Liability coverage is being placed is not licensed by my state and is not subject to its supervision. In the event of insolvency of the insurance company, losses under the policy will not be paid by any state insurance guaranty or insolvency fund. Additionally, the coverage is provided pursuant to my acceptance into and continued active status in the Data Theft Risk Purchasing Group and/or related RPG. I understand there may be a nominal fee of $1.00 per term paid to the RPG from the proceeds of my purchase.

Please verify the information you entered

Once you have verified your information in the summary above, please hit "I Verified. Submit Application" to continue. A copy of the actual Application will be sent to you once you submit this form.