State Data Breach Laws & Cyber Risk Insurance ~ Welcome!

State statutes dictate how an organization must respond to a data breach, and Cyber Risk Insurance (also called Data Breach, Privacy and Network Security insurance coverage) is typically structured to provide financial support for compliance with these Data Breach Laws. A summary of the laws is available on the BakerHostetler site here.

Most states have passed laws setting out requirements for any organization which experiences a breach of personal information. While the regulations vary, most states define a breach and require some level of notice to both a responsible party, usually the Attorney General, and to potential victims.

Importantly, these statutes generally apply to the location of the victim, not just the location of the organization. So a company doing business in multiple states is subject to the state data breach statutes of each of the states in which its customers are located.

Some examples (summary only):

In Connecticut, the statute applies to any Personal Information of Connecticut residents and to any person, business or agency conducting business in Connecticut.
In California, Personal Information also includes user credentials which could provide access to an online account.
In Ohio, data that is encrypted, redacted or altered so as to be unreadable is not considered personal information.
In Florida, breach means unauthorized access, but notice to potential victims is not required if the organization, in consultation with proper authorities, reasonably concludes that the breach has not and will not result in identity theft…
Cyber Risk Insurance provides important coverage for all types of organizations, and all organizations should have this protection. Cyber Risk insurance is easy to get and not expensive. Policy forms vary between insurers, with some policies providing more protection than others. For many businesses, policy forms can be customized to meet the specific needs of the business.

Tennant Risk Services is a specialty wholesale broker and underwriting manager, and delivers expertise, markets and exemplary services to our retail insurance agent clients in the placement of professional liability insurance (E&O, D&O, EPL, Cyber). We excel at hard to place accounts.