Is your business prepared for a privacy breach?

Small and mid-size businesses face growing privacy breach threats and costs. 43% of cyber-attacks struck organizations with less than 250 workers. Sixty-nine percent of these attacks were perpetrated by outsiders.*

The cybercrime economy has grown to at least $1.5 trillion in profits each year. In addition, it is estimated that 30% of the world’s top websites are not secure, and 68% of businesses do not have cyber insurance coverage.**

Berkley Southeast Insurance Group offers commercial insurance protection, including Privacy Breach Expense Coverage, which is the first line of defense in privacy breach preparedness, compliance and resolution. Partnering with NetDiligence®, we also offer services to assist you in developing a breach response strategy and incident management plan.

*Source: According to the 2018 Verizon Data Breach Investigations Report
**Source: https://www.thesslstore.com/blog/about-the-ssl-store/ 80 Eye-Opening Cyber Security Statistics for 2019

What is Privacy Breach?

A privacy breach is an incident resulting in the unauthorized disclosure or potential exposure of sensitive, protected data. Lost data may involve private information such as a Social Security numbers, bank account details and credit card numbers or personal health information.

Coverages available to protect your business in the event of a privacy breach

We offer the following specialty coverages and services, for eligible risks:

  • First Party Privacy Breach Expense: resources to notify customers in the event of a covered breach of protected information
  • Third Party Cyber Liability Coverage: for covered claims from customers involved in a privacy breach. Coverage includes Media Wrongful Acts, Network Security Wrongful Acts, and Privacy Wrongful Acts
  • Regulatory Proceeding Claim Expense: legal expenses involved with a regulatory proceeding resulting from a covered claim
  • 24/7 claim reporting and emergency services
Services available to help you avoid or manage a privacy breach incident

Access to the following services is provided through a secure eRiskHub® portal site containing valuable technical resources to assist you with prevention of network, cyber and privacy losses and support you in the timely reporting and recovery of losses if an incident occurs:

  • Data breach cost calculator
  • Assessment tools and sample policies
  • Notification laws and regulations
  • Research tools and news
  • Access to Data Coaches

Please note that BSIG does not endorse any companies listed in the directory of providers contained within the eRiskHub® portal. Unless otherwise indicated or approved, payment for services provided by these companies is your responsibility.

For BSIG policyholders with Cyber coverage forms CL IL-01-22-06-18 or CL IL-01-21-06-18 who want more information please visit: https://eriskhub.com/bsig.

Claim Reporting

In the event of a breach or ransomware event, please contact the Berkley Southeast Insurance Group Cyber Incident Evaluation Hotline at 844-367-8262 or berkleysoutheast.breachhotline@mullen.law.

Claim reporting tips:
Please be prepared to provide the following information when reporting your claim:

  • Your full name
  • Business name
  • Phone number
  • Policy number, and
  • The date when you first became aware of the breach event

If calling the hotline, you will be asked to leave a voicemail message with the above information. After leaving the voicemail a representative from the Mullen and Mahon law firm will contact you within two business hours to discuss the event and to help you develop a response plan.

What are the top three things I should do to manage cyber risk?

  1. Have an internal discussion between senior management and IT staff about cyber risk management. Look at what cyber security practices are in place to safeguard private information and the integrity of your systems. Are they reasonable, given the size and scope of the organization, and is there the proper support from management to sustain these practices? If not, how can these practices be improved? Do you have an inventory of vital personal data from customers and network components and do you know where it resides?
  2. Conduct an enterprise-level cyber risk assessment — this can be through a third-party consultant or it can be an internal self-assessment. The point is to determine and document how cyber security practices measure up to recognized privacy and security standards, note any weak spots and document them in a remediation plan.
  3. Revisit your insurance coverage portfolio to determine whether there is cyber liability insurance coverage and, if not, consider either purchasing a cyber policy or choose to cede residual risk through contractual defense/indemnity service-level agreement provisions with third party providers (although this is often difficult).

* Source: NetDiligence® — 2019 Newsletter/FAQs

Additional Resource Materials

These descriptions provide general information only. This is not a statement of contract and does not constitute a binder of insurance. Any coverage advertised herein is subject to the terms and conditions of the policy.


To find out how BSIG can help with your Privacy Breach and Cyber Liability…

BSIG Claims Service Commitment

  • 24/7/365 multi-platform claim reporting
  • Accelerated auto and property estimating and repair options
  • Fast Track medical only claims handling program
  • Tele-emergent medicine program-immediately connects injured workers to medical care, not triage
  • Return to work programs resulting in employees returning to work 42% quicker than the Official Disability Guidelines (ODG)
  • Immediately report auto losses, obtain photos, locate a body shop with just your policy number through our mobile auto app