1 / 25

What you need to know about Tech E&O Claims & Information Risk

What you need to know about Tech E&O Claims & Information Risk. Presentation Objectives. The Technology Business Sector faces distinct liability issues that require customized risk management solutions. Errors & Omissions What is it?

hazina
Download Presentation

What you need to know about Tech E&O Claims & Information Risk

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. What you need to know about Tech E&O Claims & Information Risk

  2. Presentation Objectives • The Technology Business Sector faces distinct liability issues that require customized risk management solutions. • Errors & Omissions • What is it? • Discuss situations that could lead to an E&O claim for a Tech professional • Information Risk • Understand legal and regulatory implications of a data breach where personally identifiable information of clients may be at risk 2

  3. Technology Environment/Trends • Why does the Technology Sector Face Unique Risk Exposures? • Tech universe is fueled by 80% small firms with less than $20M in revenue • Global risks from inception with international revenue expected to exceed 49% in three years- Networks & Businesses today are “borderless” • Continuous innovation • Size and complexity of Tech risks drive customized E&O/Info Risk solutions 3

  4. Technology Errors & Omissions • What is Errors & Omissions? • Covers the financial loss suffered by your client when the product or services your company provided fails • Covers a “wrongful act”: any actual or alleged act, error, omission, neglect, breach of duty; • 1. Committed solely in the conduct of “your work” • 2. Resulting in the failure of “your product” to perform the function or serve the purpose intended 4

  5. Technology Errors & Omissions Bodily Injury or Physical Damage Financial Loss BUSINESS INTERRUPTION Property Exposures PROPERTY GENERAL LIABILITY ERRORS & OMISSIONS Liability Exposures 5

  6. Why Does a Tech Company Need E&O? • The General Liability policy excludes many tech liability issues • “Intangible” property damage or financial loss • Professional exposures • No coverage for programming errors, contract performance disputes or issues related to data corruption • Differentiator against competitor • Frequent contract requirement • Personal Protection • Defense Costs 6

  7. Why Does a Tech Company Need E&O? (cont.) • Things go wrong and clients sue • Lack of communication between insured and client • Inability to pay for work performed • Client is acquired, new parents doesn’t like the technology • Vendor oversells capabilities • Ownership of developed software is not clearly defined 7

  8. Why A Tech Company Needs E&O: 8

  9. Technology E&O Claims: RED FLAGS • Watch for clues that there may be an E&O claim lurking… • Missing deadlines • Not hitting milestones • Few large clients/contracts- dependency • Contracts become extremely important! 9

  10. I Think I See a Potential E&O… • What should you do if you learn of a situation that you think might give rise to an E&O Claim? • Report as soon as you think there may be a situation! • No penalty for reporting • With some companies (like CNA) reporting will enable your company to benefit from free pre-claim assistance 10

  11. Information Risk (Cyber Liability) • Third Party Risks: • Your Responsibility to Others: LIABILITY • Network Security • Privacy Injury Liability • Need to comply with State Breach Laws • Regulatory Fines & Penalties • Crisis Management • First Party Risks: • WHAT CAN HAPPEN TO YOU • Loss of Data • Network Extortion • Loss of Business Income • Electronic Theft 11

  12. Hazards that Cause Information Risk Losses • Virus/Malicious code • Denial of service attacks • Hacker attacks/unauthorized access • Malicious Hardware • No Tech/Low Tech Threats: • Physical theft of device/media • Accidental release • Rogue employees • Social engineering Trivia: Define Phishing? 12

  13. Privacy Liability Exposure 13

  14. Claims Trivia #1 • The Retailer • A mid-sized technology company hosts Web sites for retailers. • A high fashion boutique relies on Web site availability to generate e-commerce income. • The technology company’s site is disrupted by a virus. • The boutique’s ability to generate income is disrupted. • They sue the tech company to recover lost income. 14

  15. Trivia Answers…where could the company find coverage? Information Risk Policy Errors & Omissions Policy General Liability Policy Social Engineering- Info Risk Policy None of the Above 15

  16. Claims Trivia #2 • The Non-Profit • A non-profit charity accepts donations charged to the donor’s credit card. • Donations are accepted by phone or via the Internet. • In some cases, donors authorize the charity to charge a small recurring monthly donation to the donor’s credit or debit card. • The charity retains donor information, including credit card numbers, to support pre-authorized recurring donations. A hacker penetrates the charity’s network security and copies the retained card data. The hacker sells the information to an ID theft ring. Later, the stolen information is used to withdraw funds from donors’ bank accounts. The donors sue the charity to recover stolen funds and the cost to repair their credit history. 16

  17. Trivia Answers…where could the company find coverage? • Information Risk Policy • Errors & Omissions Policy • General Liability Policy • Social Engineering- Info Risk Policy • None of the Above 17

  18. Claims Trivia #3 • Hartford Hospital Breach- July 26, 2012 • Hartford Hospital in CT announced a breach of protected health information caused by a business associate and affecting 9,558 patients. • Unencrypted laptop containing PII of Hartford patients was stolen from the home of an employee of a firm called Greenplum, which is a subsidiary of one of the hospital’s vendors, EMC Corp. • Greenplum was performing data analysis for EMC on behalf of the hospital as part of a quality improvement project related to hospital readmissions) 18

  19. Trivia Answers…where could the company find coverage? • Information Risk Policy • Errors & Omissions Policy • General Liability Policy • Social Engineering- Info Risk Policy • None of the Above 19

  20. Claims Trivia #4 • Tech Equipment Installation • While in the process of installing new cable for a voice over IP system in an office building there is damage to the roof structure which later results in a roof leak. • Two weeks later the customer suffers significant property damage to their server because the roof leaks in the IT room during an overnight storm. 20

  21. Trivia Answers…where could the company find coverage? • Information Risk Policy • Errors & Omissions Policy • General Liability Policy • Social Engineering- Info Risk Policy • None of the Above 21

  22. Claims Trivia #5 • Wal-Mart Hack- July2012 • Wal-Mart store manager in small military town in Canada receives urgent phone call from “Gary Darnell” in the home office in Bentonville, Ark. • Darnell told the manager Wal-Mart had a multi-million dollar opportunity to win a major government contract, and that he was assigned to visit the handful of Wal-Mart stores picked as likely pilot spots. First he needed to get a complete picture of the store’s operations. He would also need to know the make and version numbers of the computer’s operating system, Web browser and antivirus software. • In 10 minutes, the thief had pried secrets loose from one of America’s biggest and most guarded corporations. • Darnell is actually Shane MacDougall- now champion of this year’s social engineering “capture the flag” contest” at the annual Defcon conference 22

  23. Trivia Answers…where could the company find coverage? • Information Risk Policy • Errors & Omissions Policy • General Liability Policy • Social Engineering- Info Risk Policy • None of the Above 23

  24. Claims Trivia #6 • Switch Fails to Perform • A digital telecommunications switch performed erratically, causing a IT Support provider to suffer a significant loss of revenue and reputation when their customers were cut off mid-conversation. • The IT Support Company sued the switch manufacturer and settled for $8 million. 24

  25. Trivia Answers…where could the company find coverage? • Information Risk Policy • Errors & Omissions Policy • General Liability Policy • Social Engineering- Info Risk Policy • None of the Above 25

More Related