Question: Will the COVID-19 pandemic complicate cyber insurance claims?
Jeff Dennis, head of Newmeyer Dillion's Privacy & Data Security practice: Most organizations are now requiring that their employees work from home with the ongoing novel coronavirus disease (COVID-19) pandemic. However, in the event of a breach or other incident, there may be limitations in your cyber liability insurance policy based upon the type of hardware being used. As with all contracts, whether there is coverage or not will depend on the specific terms and conditions of the insurance policy itself.
One issue that may be overlooked is that many cyber liability insurance policies make a distinction between computer hardware owned by the insured company and computer hardware or other devices owned by company employees. This distinction becomes critical as the insuring agreements may limit or exclude coverage for computer hardware that it is not owned by the named insured. The insurance policy may also have other requirements related to the use of personal devices by employees, such as requiring a formal written policy to address the use of such devices.
Some organizations may provide company-owned laptops to employees, while others allow employees to use their own devices to perform work. Companies may be forced to allow employees to work from home during this pandemic - using personal laptops, tablets and other devices necessary to complete their work. Depending on the cyber liability policy, there may not be coverage for the use of such non-company owned hardware. And in the event of a breach or other cyber incident, there may not be coverage for subsequent damage or other coverage that you expect to have.
Cyber liability insurance policies should be reviewed by cyber insurance coverage experts to understand all available coverages and limitations. It is best to be proactive and immediately complete an insurance review to ensure you have the coverage you expect during this pandemic.