A few months ago we mentioned a suit Shore v Johnson & Bell (Docket No. 116cv04363) concerning a potential class action suit against the firm for not having security measures up to industry standards and thus not properly protecting client data. Turns out that the Johnson & Bell client retainer agreements in question have an arbitration clause. Suit was dismissed in Federal court and is now in arbitration.
An article by Jennifer Quinn Broda of Sedwick LLP makes some interesting points about potential insurance coverage or lack thereof. It is likely that the attorney malpractice or lawyers professional liability insurance policy will not provide coverage for this matter. Her reasoning is that even if the wording in the insuring agreement does trigger a professional liability insurance covered matter, the suit was asking for injunctive relief and return of attorney’s fees. Most attorney malpractice policies exclude coverage for these items.
Further, because there really was not a data breach, it is unlikely that the coverage in the cyber liability policy would be triggered. Even if it is, most cyber policies exclude coverage for injunctive relief and attorney’s fees.
What may be also of interest is that Edelson PC stated that they have filed similar suits against other law firms. Given this it may be just a matter of time, to find out if there truly is any coverage provided by Attorney Malpractice or Cyber Liability Insurance Policies for this. You can also expand these issues to just about any professional services organization that has confidential client information.