Dan Driehaus

Friday, 22 April 2005 10:56

Clicks and risks

It seems difficult to remember life without the Internet. With more than 60 million people accessing information through the estimated 4 million available Web sites, it is no wonder companies heavily use the Web to promote and market their products and services.

Risk managers are faced with new challenges as the business world changes from bricks and mortar to clicks and orders. So, how does a company with emerging Internet exposures deal with the increased liability hazard?

Here are some points consider when reviewing your organization's policies and usage of the Internet.

* Trademark. Are you participating in cybersquatting? Do your Web links provide unauthorized access to other Web sites? Do your links allow inappropriate deep linking capabilities?

* Copyright. Have appropriate copyright licenses been obtained? Is copyrighted material being duplicated without permission? Do you have a terms of use agreement with your Web partners?

* Security. Does your Web site contain a posted privacy policy? Do you adequately protect credit card information obtained from customers? Is your site secure from unauthorized access to your database?

* System failures. Do you have a plan in place if you experience a security breach? Have you adequately protected your site and system from a virus attack? What impact would a site or system shutdown have on your business income?

Seeking protection through insurance

Some of today's best protection against cyberliability exposures comes from insurance products. Two cyber-specific coverage examples are:

* Cyberliability. Coverage can involve both first-party and third-party losses. First-party losses relate to the information in computer systems and provide reimbursement for losses such as altering, copying, corrupting, destroying, damaging or stealing information assets -- whether the action is criminal or accidental.

Third-party losses involve unauthorized use of or access to a company's network and provide liability coverage arising from a system security failure to prevent unauthorized use or access to its network, transmission of a computer virus or theft of a customer's information.

* Media liability. This addresses the losses associated with libel, slander, invasion of privacy and infringement of copyrights. Media liability coverage is needed if your employees have e-mail capabilities and access to the Internet. Establishing an e-mail and Internet usage policy is a must to properly defend against liability claims.

Cyberrisk analysis

Traditional insurance products that have long served bricks-and-mortar businesses should not be overlooked. The following list of noteworthy exposures includes a few coverage items to consider in your cyberrisk analysis.

* Employment practices liability insurance (EPLI)

* Directors and officers (D&O)

* Errors and omissions (E&O)

* Patent infringement

* Computer virus transmission

* Electronic Data Processing (EDP)

* Product liability

* Crisis communications coverage

While there are many things about cyberspace that can cause apprehension for today's risk managers, there are appropriate insurance tools to mitigate the risks involved. Speak to your insurance agent to properly analyze your risk and to tailor an insurance program specific to your needs.

Dan Driehaus of Schiff, Kreidler-Shell represents clients in a variety of industry sectors, including nonprofit organizations, public entities and new economy technology firms. Driehaus, who has nearly 10 years of experience in solving insurance issues, specializes in helping clients solve their executive risk exposures. Reach him at (513) 977-3180.