Originally published in Anderson Kill's Policyholder Advisor & Alert, April 2016
A decision handed down by the Fourth Circuit Court of Appeals this week highlights that traditional insurance policies still provide valuable insurance coverage for data breaches and other cyber-related losses.
While CGL policies in particular increasingly add exclusions seeking to exclude cyber claims, companies faced with fallout from a data breach or other cyber loss should still scrutinize their existing non-cyber policies because:
- there may be no such exclusion; their inclusion is not universal;
- there are a variety of exclusions that are not uniform in terms of their exclusionary effect; and
- policies issued on an occurrence basis in prior policy years may still offer valuable coverage.
That last eventuality proved to be the case in Portal Healthcare v. Travelers Indemnity Company, Case No. 14-1944, which concerned coverage for a class action complaint filed in 2013.
The decision is noteworthy not only for finding coverage to defend cyber litigation after an unauthorized medical data disclosure, but also for the court's determination of what constitutes "publication" of data in an alleged breach of privacy. The Court affirmed the trial court decision that publication occurs upon disclosure of the medical data, does not need to be intended, and does not require proof of actual third-party review of the medical data disclosed.
This case is an important reminder that non-cyber specific insurance policies may provide vital insurance protection for cyber related claims. We have secured insurance coverage for numerous policyholders for cyber related claims under a variety of "standard" insurance policies including crime insurance, CGL policies, business package policies, property insurance (including time element provisions), E&O insurance, and D&O insurance.
For further information concerning insurance coverage for cyber-related claims, please read more here.
Joshua Gold is a shareholder in the New York office of Anderson Kill and chair of the firm's Cyber Insurance Recovery Group. Mr. Gold's practice involves matters ranging from international arbitration, data security, directors' and officers' insurance, business income/property insurance, commercial crime insurance, and insurance captives. He has been lead trial counsel in multiparty bench and jury trials, and has negotiated and crafted scores of settlement agreements including coverage-in- place agreements. | jgold@andersonkill.com
About Anderson Kill
Anderson Kill practices law in the areas of Insurance Recovery, Commercial Litigation, Environmental Law, Estate, Trusts and Tax Services, Corporate and Securities, Antitrust, Banking and Lending, Bankruptcy and Restructuring, Real Estate and Construction, Foreign Investment Recovery, Public Law, Government Affairs, Employment and Labor Law, Captive Insurance, Intellectual Property, Corporate Tax, Hospitality, and Health Reform. Recognized nationwide by Chambers USA for Client Service and Commercial Awareness, and best-known for its work in insurance recovery, the firm represents policyholders only in insurance coverage disputes - with no ties to insurance companies and has no conflicts of interest. Clients include Fortune 1000 companies, small and medium-sized businesses, governmental entities, and nonprofits as well as personal estates. Based in New York City, the firm also has offices in Ventura, CA, Philadelphia, PA, Stamford, CT, Washington, DC and Newark, NJ.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
