The key risk Cyber Liability Insurance is designed to cater for is a loss or theft of confidential client data. Client confidentiality is, of course, a law firm’s stock-in-trade and upon which the profession’s reputation stands.
If, for example, a cyber-criminal managed to hack your systems or one of your staff inadvertently downloaded some malware from an e-mail, client’s confidential data is at risk. This data is very marketable data for criminals.
Following such a breach, you could be faced with challenging exposures:-
Data Protection/Regulatory
- You would be obliged to notify all clients of the breach. This could be a very expensive exercise.
- You would be obliged to notify both the SRA and the Information Commissioner.
- You could face regulatory proceedings from both the Information Commissioner and the SRA (breach of the handbook in terms of both confidentiality and possibly failing to manage the business appropriately). The fines could be substantial, as could the costs of defending such proceedings. There is new EU GDPR legislation which comes into force very shortly which will apply despite Brexit and could lead to very substantial fines being imposed and more onerous obligations to notify clients where their data has been breached.
Reputational Damage
Do you have the means and skills to manage what could be a potential PR disaster for the firm?
- “Local law firm loses client’s private information” – to avoid damaging headlines and retain client confidence it is vital to have systems in place should you be the victim of cyber crime.
- Investment in cyber insurance provides access to services to find out what actually happened in terms of incident response.
- Do you have adequate protection ensure you can cover costs of potential PR consultancy fees to help protect your business reputation, your brand, and your image?
- Ensure you have 24/7 crisis management and Public Relations support should you need to utilise it.
Forensic IT costs
- To determine cause and ensure systems are intact.
- Help prevent future security breaches.
Data Restoration
- Electronic data cover includes data restoration, recollection and recreation following a security breach or data leak.
Loss of your Profits
Stemming from the breach.
- Ensure you are covered from crime/funds transfer fraud that covers the loss of your office account funds as a result of e-fraud.
- Network interruption cover is designed to provide for loss of profits from an attack on your systems be it external or a deliberate internal act.
Third Party Claims
For breach of their privacy and/or other related losses.
- Cover the assets of others, including your clients from security and privacy breaches, the resulting investigation, defence costs and civil damages associated with them.
- Ensure you are protected from multi-media liability and any associated costs arising from defamation, breach of privacy or negligence in publications in electronic or print media.
The effects of hacking
Viruses and malware can also be significant in terms of handling the immediate IT crisis and coping with network interruption and loss of profits.
These are just some of the exposures that could arise from a data loss or security breaches.
Cyber Liability policies are principally designed to provide crisis and risk management services immediately post-breach.
Please contact us to ask for more details or a formal quotation from QPI Legal.