The Cyber Insurance Claim Process: What to Expect?

Cyber Insurance Claim Process

The cyber insurance claim process is simple to understand. At the same time, it is important for companies, dealing with hacking, security breaches, fraud, etc, to understand the liability of insurers towards claims. Documentation and communication are the key processes of cyber security insurance claims.

Let us understand the cyber insurance claim process in detail.

Breach by Third-Party

The process starts with the commission of a breach of data or security by a third party. The insured must discover or notice such activity and take it into account. No device is safe. The breach of privacy or data may occur at any moment.

Lodge FIR

Upon discovering such activities as mentioned above, the insured, without wasting any moment, visit the police station or state-owned cyber security department and lodge a complaint or FIR regarding such incidence. The copy of the complaint or FIR must be kept safe for records.

Intimation

Upon discovering the threat and lodging the FIR with the cyber cell department, the insured must appraise the claim to the insurance company. It should be done within one or two days of such threats. On top of that, the insured must contact the insurance company via the helpline number or email immediately after suffering a loss.

According to the insurance contract, the insurance companies expect their customer to inform them about the incidents. If the insured takes any step contravening the contract, such as not informing the insurer and suing the perpetrator, the insurer may deny settling the claim.

Submission of Relevant Documents

The insured, while notifying the insurer, must attach the relevant document with the claim. The relevant documents could be a copy of the FIR, complaint, etc. Further, the insured must produce all pieces of evidence he may discover in order to substantiate his claim.

Forensic Investigation

The cyber insurance claim process is completed from the end of the insured. Now the insurer shall consult the forensic expert from his end. The insurance company shall verify whether the claim is valid or void. In addition, it shall examine the relevant document submitted by the insured and report the cyber expert about the data breach.

Settlement Process

If the claim is valid, the insurance company shall initiate the process of claim and remit the amount within the stipulated time as specified in the cyber insurance contract.

Case Laws

Let us see some case laws on data breach in order to better comprehend the cyber insurance claim process.

In the case of Total Recall Information Management v. Federal Insurance Co., some computer tapes fell from the truck. The tapes contain sensitive data. The data had vanished when the company retrieved the tape.

In addition, the company could not find any significant evidence of accessing the tape by someone. It spent $6,000,000 to recover the data. However, their efforts were abortive and no data could be recovered by them.

The company sought the claim from the insurance company which had a privacy provision in the policy. The keyword under the provision was 'publication'. The Supreme Court interpreted the submission of both parties. It held denial of coverage on the ground of inaccessible data. Since the data was not accessible, no publication could be taken place.

However, in Travellers Indemnity Co. V. Portal Healthcare Solutions, the court reached an opposite conclusion. In this case, personal medical details were disseminated on the Internet. The court held that whether the report was accessed or not, it has still published on the Internet. Hence, the insured is entitled to claim.

Conclusion

The insured must abide by the provision written in the insurance contract and initiate the cyber insurance claim process in case of cyber threats. The appropriate steps should be taken by the policyholder in order to obtain the claim. The data are prone to risk. Hence, the company must buy cyber insurance to avoid losses.