HSB Offers Data Compromise Coverage for Small to Mid-Size Firms

June 4, 2008

The Hartford Steam Boiler Inspection and Insurance Co. has a new data compromise insurance coverage that helps businesses respond to data breaches by covering the cost of client notifications and supplying services such as credit monitoring and identity restoration for victims of identity theft.

HSB’s data compromise coverage is offered as a turn-key program through other insurance companies seeking to enhance their commercial insurance policies and offer the coverage as an optional endorsement.

As of May 1, 2008, 42 states plus the District of Columbia and Puerto Rico had enacted legislation requiring notification of security breaches involving personal, non-public information which the business controls, according to HSB. Generally, these laws mandate expedient notification “without unreasonable delay” and many statutes impose civil or criminal penalties for failure to promptly disclose.

“When a data breach occurs, customers expect prompt notification and assistance if their personal information is compromised. How well a business responds can mean the difference between keeping and losing clients,” said Mark MacGougan, HSB vice president for strategic products

He said data breaches are no longer just a problem for big business as identity thieves are also targeting smaller businesses, pilfering discarded documents, stealing business laptops and exploiting employees with access to client data.

“Even smaller businesses have an obligation to alert their customers promptly but they want to send some good news with the bad,” said MacGougan. “Businesses with limited resources don’t know where to start. What we’re enabling small firms to do is to have as professional a response as those of large companies.”

HSB’s program pays for the following services provided by third party professional service suppliers when a data breach occurs:

Legal review of statutory obligations which vary by state and circumstance.

Forensic information support to determine the nature and scope of the breach, to identify the individuals affected and what means are available to notify them.

Preparation and production of notifications and call center support.

Credit monitoring for persons affected.

Identity restoration case management and other personal services for victims of identity theft that occurred because of the data breach.

Source: HSB

Was this article valuable?

Here are more articles you may enjoy.