Cyber and Privacy Insurance — a type of insurance designed to cover consumers of technology services or
products. More specifically, the policies are intended to cover a variety of
both liability and property losses that may result when a business engages in
various electronic activities, such as selling on the Internet or collecting
data within its internal electronic network.
Most notably, but not exclusively, cyber and privacy policies cover a
business' liability for a data breach in which the firm's
customers' personal information, such as Social Security or credit card
numbers, is exposed or stolen by a hacker or other criminal who has gained
access to the firm's electronic network. The policies cover a variety of
expenses associated with data breaches, including: notification costs, credit
monitoring, costs to defend claims by state regulators, fines and penalties,
and loss resulting from identity theft.
In addition, the policies cover liability arising from website media content,
as well as property exposures from: (a) business interruption, (b) data
loss/destruction, (c) computer fraud, (d) funds transfer loss, and (e) cyber
extortion.
Cyber and privacy insurance is often confused with technology errors and
omissions (tech E&O) insurance. In contrast to cyber and privacy insurance,
tech E&O coverage is intended to protect providers of technology products
and services, such as computer software and hardware manufacturers, website
designers, and firms that store corporate data on an off-site basis.
Nevertheless, tech E&O insurance policies do contain a number of the same
insuring agreements as cyber and privacy policies.