Cyber vs. Errors & Omissions Coverage
Ensure you have the right tools in place
Staffing firms that make Information Technology placements are seeing more frequent contractual requirements from their clients for Cyber Liability coverage. More often than not, the coverage most clients seek for common claim scenarios would actually fall under the staffing firm’s Errors & Omissions (E&O)/Professional Liability policy. Clarifying the intent of the Cyber Liability coverage requirement with the client may reduce the need to purchase additional coverage or limits that would not ultimately provide the client with the intended protection.
Digging Deeper into Cyber Liability
Cyber Liability encompasses several different first and third party coverages for security and privacy liability exposures. The first party coverages provide coverage for a company’s electronic data and resultant loss of business income from a breach of the company’s computer systems or network. The third party coverages provide coverage for alleged violations of a third party’s privacy through the disclosure or risk of disclosure of personal information, including violations of privacy regulations. Additional coverages are provided for notification costs and related expenses, such as providing credit monitoring services. Coverage is excluded for losses that arise out of failure to provide professional services.
Drilling into Errors & Omissions Coverage
E&O/Professional Liability coverage provides coverage for financial damages caused by a company’s errors or omissions in providing professional services. In the case of a staffing firm making Information Technology placements, the policy should be structured to respond to errors or omissions made both in providing staffing and IT services to their client.
Nailing Down an Example
A client could incur first party costs to repair or restore data within their systems as a result of the staffing firm’s employee leaving the client’s network vulnerable to an unauthorized access of the system, as well as loss of business income and extra expenses incurred while the network was being repaired. The staffing firm’s Cyber Liability policy would not respond, as they did not suffer a first party loss to data within their own network or systems – the loss took place within their client’s network.
Under the same scenario, if a third party’s personal data was accessed, such as an employee or vendor of the client, the client may be required to provide credit monitoring services to the third party. This would be in addition to potentially facing a lawsuit alleging a breach of privacy. Because the damages arise out of the staffing firm’s employee’s failure to properly provide IT services to the client company, the damages would be excluded from the staffing firm’s Cyber Liability policy.
The E&O/Professional Liability policy should respond to this loss because the damages resulted from the failure to provide professional services.
Want more tips on minimizing risk at your company delivered straight to your email inbox? Regisiter for our mailing list here.
- AU Replay Data Security Breaches Webinar Recording
- 10 Standard Liability Concers for Staffing Companies
- E&O Insurance: Good News & Bad News
- Cyber Liability E-Book
Written by: Kerri Quigley, CPCU, ARM, AU | Vice President
Edited by: Diane Poljak
ABOUT THE AUTHOR