ARTICLE
29 December 2016

Reviewing Data Breach Insurance In Vendor Agreements

KP
Kirkpatrick Law PC

Contributor

Kirkpatrick Law PC logo
Kirkpatrick Law provides innovative legal services that can help businesses with a variety of general legal transactions while keeping a company's privacy, data, trade secrets, and security in mind. Kirkpatrick Law can also help companies that are interested in developing, protecting, buying, selling or managing its intellectual property.
Explore
Generally, strong privacy and security controls are required to obtain data breach insurance.
United States Privacy
Photo of Heliane Fabian
Authors
To print this article, all you need is to be registered or login on Mondaq.com.

Many cybersecurity laws and privacy laws apply to companies that use customers' personal information, and all companies have proprietary business information that theyis haves a duty to protect. Consequently, companies can be vulnerable to liability claims from customers, shareholders, directors, and regulators in the event of a data breach. Such liability is not automatically transferred when using vendor's to process such information. Therefore, vendors should carry adequate data breach insurance when processing a customers' information.

Data breach insurance can cover costs related to identity protection solutions, retaining counsel, performing investigations, public relations campaigns, and other expenses associated with a data breach. In entering an agreement with a vendor, entrepreneurs should review and assure that the vendor has the appropriate insurance related to a breach of the company'sies information. When reviewing an agreement for appropriate insurance, it would be helpful to ask the following:
(1) If a customer's data is lost, stolen, or misused, how will the vendor compensate the company?


(2) Is the vendor insured with the appropriate coverage types?
(3) Is the vendor insured at the appropriate amounts?
(4) Are the insurance requirements illustrated in the agreement?
(5) Is the company named as a beneficiary?


Generally, strong privacy and security controls are required to obtain data breach insurance. Because vendors can be a source of a breach of its customers' information, a company has an obligation to ensure that the vendors processing such information haves the means to help the company mitigate costs when a data breach occurs. Employing the advice of an attorney familiar with reviewing insurance and security terms in vendor agreements can help ensure that the appropriate terms are drafted in the agreement in order to mitigate the costs of a data breach.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Heliane Fabian
Heliane Fabian
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More