Skip to content
22 May 2013
Companies are six times less likely to be sued after data breaches if they provide free services to monitor accounts for suspicious transactions, according to Zurich.
The finding comes from a study by Carnegie Mellon and Temple universities in the US of lawsuits after companies lost or compromised people’s personal information.
Individuals are 3.5 times more likely to sue if they suffer financial harm, Zurich National Underwriting Manager Financial Institutions Martin Zschech told brokers at a Melbourne forum last week.
They are three times more likely to litigate if the company is thought to have been negligent, rather than being the “unfortunate victim” of hardware theft.
And people are six times more likely to sue if financial data is compromised, compared with other types of personal information such as medical records.
Mr Zschech also referred to a study by cyber risk company NetDiligence showing 23% of data breaches are caused by hackers, while 19% are from lost devices.
Some 26% of breaches happen in the financial services industry, with 20% in healthcare.
He says research by the Ponemon Institute found the average cost of a data breach is $US194 ($186) per record.
Mr Zschech says in Zurich’s experience notification costs average just $1 per record but credit monitoring as a result of compromised credit card details costs $25-30 per record, not including costs such as crisis management and public relations.
First-party costs are a greater cause of paid loss than third-party costs, in which the insured is legally liable for the loss of a third party.
“But don’t forget about low-tech breaches,” Mr Zschech said. The leading cause of paid loss for Zurich is wrongly addressed emails or letters containing private information.
He says Zurich calls its policy security and privacy protection insurance, and it is “much more than cyber risks”.
Global Chief Underwriting Officer Professional Liability Lori Bailey gave forum delegates an international perspective. “In the US, if you have a national data breach, there are 46 state laws to comply with.”
Changes to the EU data protection legal framework are also under way, she says.
It will call for regulators to be notified of data breaches as soon as possible (within 24 hours if feasible), force companies with more than 250 employees to appoint a data protection officer and impose penalties up to 2% of global annual turnover for failure to comply.
15 May 2013
Do you have excellent customer service skills, experience in the administration field and have general insurance knowledge? Then we are looking for you!
8 May 2013
Extremely strong aggregating brand I Warm referrals I Manage existing relationships
6 May 2013
Full-time position I Great team environment I Bring your knowledge and skills to a company who values expertise
29 April 2013
An exciting opportunity exists to join Willis at the Sydney practice as an Account Manager, providing risk management and insurance advice to a broad range of insolvency practitioner clients.
23 April 2013
We are seeking a dynamic individual to lead a team of 170+ employees, delivering exceptional claims services to a range of customers nationally, while maintaining a focus on service standards, efficiency and effectiveness.
23 April 2013
This position offers a pathway smf training for the right person seeking a rewarding career in a specialty field within general insurance broking.