What if your Law Firm was breached as Mossack Fonseca was? You do not have to being secretly helping the rich and famous in hiding money to have your firm not only embarrassed, but subject to large 3rd and 1st party. All you need is one disgruntled employee with opportunity and access to be able to disclose your firm’s client’s confidential information. In the case of Mossack Fonseca an anonymous source contacted a news service and over a period of months leaked 11.5 million client documents.
What would a Data Breach releasing personal data such as dates of birth, social security numbers, driver’s license numbers, credit card information, medical records, legal records, accounting records, tax records and/or other information entrusted to the organization cost the firm? Release of this information by an organization can open up the organization to violation of HIPPA, Granm-Leach-Billey Act, or other state privacy legislation that can open up the firm to law suits for damages.
While prevention is preferred, a Law Firm needs the coverage protection of a proper Data Breach/Cyber Policy. Relying on coverage through The Law Firm’s Business Owners & Lawyers Malpractice Insurance will leave hole in your coverage.
A good Data Breach/Cyber Liability Insurance offers 1st party and 3rd party coverage. It needs to respond to the following exposures:
1st Party Claims
1. Incident Response Services
2. Ransom demands to unlock your system.
3. Notification requirements costs from federal & state laws & regulations to your clients that have suffered a data breach
4. System assistance in restoring your systems and data
5. Loss of income for the time that it takes to recover from a data breach
6. Harm to reputation & goodwill
7. Crisis Management and public relations costs
3rd Party Claims
1. Damages to clients that have suffered a data breach
2. Cost of defense to defend you from these claims
3. Regulatory Violations, fines and penalties that may be accessed against the firm