As a fully licensed independent brokerage, Risk Cooperative can originate, quote and place a large array of specialty lines insurance solutions. Customers need solutions that follow their operations worldwide and Risk Cooperative can help.
Risk Cooperative offers uninterrupted global supply chain solutions, covering point-to-point movements, inventory and stockpiling worldwide. Our program provides coverage for supply chain disruptions across risk categories, including but not limited to natural disasters, business risks, war, terrorism, and more.
As globalization continues to rise and firms expand abroad, the growing unpredictability of the world stage and increasing geopolitical tensions can make higher risk associated with deploying capital investments overseas unpalatable. Risk Cooperative has worked extensively with organizations and investment funds to develop risk reduction strategies, limiting the downside exposure of investments overseas. Our political risk insurance practice works closely with clients ensuring they are protected in the most adverse of events. Our Political risk insurance programs can be highly customized and can include the following coverage components:
- Losses as a result of war / civil unrest
- Import or export embargoes
- Arbitrary termination of contract by a state purchaser
- Withdrawal of license, loss of receivables through non-payment
- Exchange, transfer and payment bans
- Other arbitrary intervention by the state
- Non-issue of a confirmed letter of credit
- Revocation of rights of disposal
- Transfer ban for investment income
- Confiscation, expropriation, or nationalization.
- Currency inconvertibility and non-transfer
- Political violence (including terrorism and war)
- Contract frustration due to political events
- Sovereign payment default
- Wrongful calling of on-demand guarantees and bonds
Turnkey trade credit and investment promotion insurance programs help give firms access to the world while mitigating downside risk. Portfolio- level programs are available to spread risk and leverage economies of scale. Coverage & Expertise:
- Credit Solutions
- Credit insurance (domestic and export)
- Project finance, factoring and asset-backed finance structures
- Unfair calling of contract bonds
- Trade disruption insurance
- Accounts Receivable Insurance – Protections for steady cash flow and mitigating risks of non-payment by key customers
- Trade Credit Insurance – Protects sellers of goods and services on credit against the risk of customer non-payment due to customer insolvency, protracted default, political events, or acts of war that prevent contract performance
- Top Accounts/Single-Buyer Policy – Protects sellers against exposure of non-payment by a single key customer, available for both short and medium terms
- Comprehensive Domestic & Export Credit Insurance – Provides global sellers flexible safeguards against negative impacts on account receivables, including customer default and political events
- Credit Insurance for Banks & Financial Institutions – Protects against risks associated with credit exposure and bad debts across the globe
- Global medical insurance
- International group disability insurance
- International group life insurance
- Defense base act
- Student travel accident and travel medical insurance
- International transit and cargo
- International Fleet insurance
- International combined liability insurance
- Business interruption and commercial property insurance
- International Executive and financial risks coverage
In today’s world, acts of war and terrorism have unfortunately become more commonplace. Our war and terrorism insurance programs help to provide organizations with an added layer of protection for some of these more unpredictable risks, highly customized on a global basis. Key coverage components include:
- Sabotage and terrorism
- Riots, strikes, civil commotion, and malicious damage
- Political violence
- Terrorism construction
- Third-party liability and employee liability
- Loss of attraction and event cancellation
- Physical Security and active assailant insurance
Risk Cooperative can create custom tailored solutions or product bundles as a part of our brokerage process.
As the number of cyber breaches continues to skyrocket, impacting companies of all sizes and across industries, hospitals – providing mission-critical medical care and with access to protected health information (PHI) – have proven to be a prized target.
In 2019 an unthinkable incident occurred that still sends shockwaves through the medical community. Springhill Medical Center, located in Alabama, suffered a ransomware attack that rendered critical medical equipment useless. As a direct result of networks and monitoring equipment being offline, a baby born in distress later died.
Today’s medical community relies heavily on technology. In fact, the copious amount of Big Data and Artificial Intelligence used by advanced medical equipment to diagnose and treat maladies can be seen as the modern-day microscope. But what happens when this “modern day microscope” makes an error? Or worse, what if these tools are compromised by a cyber-attack, such as what occurred with the Springhill incident?
The term vicarious liability describes an important concept in hospital risk management; it means that multiple parties can be responsible for the outcome of a patient’s care. For example, if a patient experiences unplanned complications with a medical procedure, they may not only sue the surgeon, but the hospital itself could be targeted with legal action.
Cyber risks create an even more insidious challenge from a vicarious liability perspective. What happens if a doctor misdiagnosis a patient’s condition because a cyber attack rendered equipment inaccessible for an extended period of time? What if the patient is injured or dies as a result? Would cyber insurance cover claims brought against it by the patient’s family, or would malpractice insurance provide coverage?
Currently, bodily injury is frequently excluded from many professional liability policies. Due to situations like Springhill, the medical risk management community must review their malpractice policies to ensure that they address exclusions related to bodily injury or loss of life resulting from a cyber-attack. In more ways than one, failure to stay on top of this intersection of cyber risk and professional liability may prove costly.
Imagine you are the CEO of a software company and you experience a ransomware attack that not only affects you but also hundreds of your clients? This situation occurred during the summer of 2019 when The Digital Dental Record and PerCSoft collaborated on a software solution for dentist offices called DDS Safe. According to the …
Imagine you are the CEO of a software company and you experience a ransomware attack that not only affects you but also hundreds of your clients? This situation occurred during the summer of 2019 when The Digital Dental Record and PerCSoft collaborated on a software solution for dentist offices called DDS Safe.
According to the technology website ZDNet, ransomware called REvil was spread to hundreds of computers in dentist offices around the country through DDS Safe. While the makers of the software paid the ransom so that these offices could gain access to their systems with important medical records, there were reports of some offices never fully recovering all of their data, and the process was slow and tedious for all parties involved.
How can makers of software and technology companies protect themselves and their clients from these cyber attacks which are growing in severity and frequency? Thankfully, there is a solution – Technology Errors & Omissions Insurance.
Technology Errors & Omissions, or Tech E&O, is a type of coverage that protects technology companies against third-party lawsuits by a customer(s) because of an error or omission discovered in their technology that negatively impacts the customer (s). Tech E&O is specifically tailored to address the unique errors & omissions exposures presented by technology companies; medical doctors, for example, have errors & omissions insurance commonly known as “malpractice” insurance.
A robust Tech E&O policy has a component covering first-party liability damages as well, referred to as Cyber Liability Insurance. Cyber insurance covers the cost for a tech firm to recover from a data breach, virus, or other cyberattack.
Tech E&O policies provide coverage in a variety of ways. A tech firm may have a suit arise because the customer is dissatisfied with the performance of their technology or the customer’s expectations were higher than the capabilities of the product. In other instances, a customer may misuse the software or technology and file a claim, and Tech E&O would cover the legal costs associated with such claim. This is an important aspect of the coverage, the software may not be defective, yet the tech firm will have to defend itself to demonstrate the effectiveness of the software. In the case of DDS Safe, some medical records may have been stolen and sold on the dark web. Tech E&O would cover any liability, up to the limits of the coverage, and pay for items such as credit monitoring for those victims affected as well as any regulatory penalties levied by federal, state, and local authorities.
Below are the coverages a comprehensive Tech E&O insurance policy should contain:
Third Party Coverages
Network Security and Privacy Liability | Covers damages and legal costs a firm suffers for the failure to protect a customer’s or employees’ Personal Identifiable Information (PII)/ Personal Health Information (PHI) such as SSN data, credit card numbers, medical information, or passwords via theft, unauthorized access, viruses, or denial of service attack. In many policies, the loss of PII/PHI on paper files can also be covered.
Breach Management Expenses | Covers costs for an external IT security expert to determine the cause, scope, and extent of the Privacy Breach or Security Breach. This also covers the legal costs associated with notifying affected customers (via phone, letter, or email) in compliance with privacy regulations. Costs for credit monitoring services, identity monitoring services, or identity theft insurance for customers affected can also be covered for a certain number of months.
Regulatory Investigations, Fines and Penalties | Covers the costs of dealing with state and federal regulatory agencies who oversee data breach laws and regulations, including (1) the costs of hiring attorneys to consult with regulators during investigations and (2) the payment of regulatory fines and penalties that are levied against the insured (as a result of the breach).
Media Liability | Covers claims involving alleged media and advertising exposures, including allegedly improper website-related conduct, defamation, slander, libel, copyright infringement, and other forms of intellectual property infringement in the course of a tech firm’s communication of media content in electronic or non-electronic form.
PCI DSS Assessment Expenses | Offers coverage for assessments, fines or penalties imposed by banks or credit card companies due to non-compliance with the Payment Card Industry Data Security Standard (PCI DSS) or credit card company rules. Firms that collect and store customer credit card information should have this coverage. However, even if a third-party vendor, such as Stripe, collects and stores customer credit card information, a firm should still have this coverage to protect against vicarious liability.
First Party Coverages
Business Interruption | Coverage for a tech firm’s earnings lost during a period of restoration resulting directly from a cyber breach. Business interruption sometimes includes coverage for an unintentional or unplanned network outage, due to either human or system error.
Contingent Business Interruption | Coverage for a tech firm’s earnings lost during a period of restoration resulting from a third-party supplier or distributor shutdown whose interruption directly impacts a tech firm’s ability to provide a product or service to customers.
Digital Asset Restoration | Coverage to restore or recreate any software assets to their pre-loss state. Hardware assets are not covered.
Social Engineering & Cyber Crime Coverage | Covers financial fraud loss, telecommunications fraud loss, phishing attack loss, theft of funds held in escrow, or theft of personal fund.
Reputational Loss Coverage | Coverage for reputational harm or earnings loss sustained during a period of restoration resulting directly from a cyber breach. Includes loss of contracts as a result of a breach.
Cyber Extortion and Ransomware Coverage | Reimbursement for cyber extortion expenses and payments directly resulting from a cyber extortion threat.
Breach Response and Remediation Expenses | Provides coverage for a breach response panel of specialists (IT forensics experts, crises communications specialists, legal team, etc.) to respond to a cyber breach.
You may ask, how do the insurance markets price Tech E&O? The coverage is rated on the following four factors:
- Revenue of the tech firm. The higher the revenue, the greater the exposure and “funds at risk” so the premium would be higher.
- The industry of the tech firm. The healthcare industry, for example, has more expensive insurance premiums given the nature of liability involved with health data at stake.
- History of ANY past claims related to data breaches.
- The limits of coverage desired, as well as the retention (deductible.) Limits can range from $1 Million, $3 Million, $5 Million, $10, Million, etc. Retentions can range from $2,500, $5,000, $10,000, etc.
According to IBM, the average cost of a data breach for a U.S. company was $3.9 Million in 2019. These data breaches have long tails; on average 67% of the costs were incurred in the first year, 22% in the second year, and the remaining 11% during the third year. If a technology company is hesitant about procuring a robust Tech E&O policy due to cost, the bigger question to consider is if they can afford NOT to have Tech E&O.