Indemnification: The Importance of Having Proper Insurance
When a business works with a third party vendor to recycle its retired computers, one of its biggest concerns is making sure the vendor carries the right type of insurance. That business wants to know what would happen if something went wrong, even if it happened by accident. For example, let’s say one of your company’s laptops was donated or resold by a recycler, and for some reason, sensitive information on that computer never got erased, so that data is now available in the public domain. What would happen next?
Well, your company could receive a certified letter (return receipt requested) from the Attorney General’s office, and you would be brought into court for committing a data breach. Good thing your recycler had insurance, right? Because this was clearly an accident and that’s what insurance is for…right?
Most computer recyclers have General Liability Insurance and Errors and Omissions Insurance. However, that insurance only covers them, not you — unless it is adjusted to do so. In order for you to get access to their insurance, you may need to sue them, and win— after your court case with the Attorney General, that is.
To avoid this situation, your business needs two types of insurance:
1. Cyber-Liability Insurance, a relatively new insurance option, is designed to protect you and your business from the myriad threats to data that exist in today’s highly connected world.
2. You and your company need to be added as additionally insured on your computer recycler’s policy.
If you had these two insurance items in place, the situation described above would turn out quite differently for you. Upon receipt of that certified letter from the Attorney General, you would be able to enact your defense through your recycler’s insurer, which would in turn issue a reservation of rights letter and begin an investigation on your behalf. Even better, most insurers would also probably cover your attorney’s fees, which, in cases like this, could be massive.
A 2015 global study performed by IBM and the Ponemon Institute found that the average cost of a data breach is $3.79 million. We always advise our clients to plan for the worst, be able to defend themselves and have the right protection in place in case accidents happen….because, unfortunately, they do!
Stay tuned for our upcoming post on the specifics of Cyber-Liability Insurance — what it means and what it doesn’t mean.