Wednesday, December 31, 2008

Moving to a New Blog!

The Professional Liability Tidbits blog has a new home and a new website. Join us at If you can't recall the url when you need it, typing the whole thing out will also get you there in a pinch:

Bookmark our new address and please surf by. In 2009 our new site will have expanded content including a white paper archive and other PL-related resources. See you there!

Sunday, November 23, 2008

Bankruptcy/Insolvency (11/13 & 11/20 Knowledge Knuggets)

With financial turmoil and uncertainty abounding, now would be a good time to discuss the impact of policy provisions pertaining to bankruptcy and/or insolvency.

There are two types of entities who can be affected by these provisions: Your agency, and your clients.

Your agency E&O policy most likely has an exclusion that eliminates coverage if a carrier with whom you have placed business becomes insolvent. These exclusions can appear in two forms. One excludes coverage for all claims arising from business placed with any carrier who becomes insolvent. The other excludes coverage for claims arising from an insolvent carrier's inability to pay claims.

As you can imagine, the first form is a significantly broader exclusion and can prohibit coverage for claims arising from the simplest error or omission, for example, a failure to process an endorsement, regardless of whether the company's actual insolvency impacted the claims payment at all.

There are many carriers who use the more narrow exclusion where coverage is only impaired if the carrier fails to make a payment.

In your insured's policies, you will want to make note of the bankruptcy/insolvency provisions that may limit coverage. Many policies specifically state that the carrier's obligation under the policy will not be impaired by the insured's insolvency or bankruptcy. Some carriers are silent on the matter. Others have an exclusion that indicates they will not provide coverage for any claims arising from the insured's bankruptcy or insolvency.

Here's a mind-bender for you: If your insured's policy says that the carrier's obligation will not be impaired by the insured's insolvency or bankruptcy, AND there is also a bankruptcy/insolvency exclusion -- what happens to a claim where a wrongful act occurred right as the insured was slipping into insolvency? Which provision will prevail? How will the claim be adjusted? Who gets to determine if the claim "arises from" bankruptcy/insolvency?

There are two more things about insolvency/bankruptcy that can be very important to your clients.

1. Change of control -- if your insured is taken over by a bankruptcy court, or even if they are lucky enough to find an Angel investor who buys more than 50% of their shares, it is quite possible that the transaction will eliminate go-forward coverage under their professional liability policies. This includes their E&O, D&O, EPL, and other forms.

For most, but not all, of these policies, there is a "change of control" or "transaction" wording that mandates that coverage stop the very day the originally underwritten shareholders or board lose control of the company. The policy continues on, but only as a reporting vehicle. Premium frequently becomes fully earned. This means that wrongful acts occurring *after* the date of the transaction are Not Covered! This is usually the last thing on your insured's mind...but it won't be if they have an uncovered loss. It is usually feasible to write a new go-forward policy, so do not let this gap go unaddressed.

2. Tail, aka Extended Reporting Period. After a transaction, or even if the insured just decides to non-renew coverage as a cost-cutting measure due to threat of insolvency, tail should be offered. Again, it is usually the last thing on the insured's mind. But if you offer it, and they reject it, you at least have a defense when they try to blame you for the uncovered loss that finally drives them over the edge.

Note -- there are some policies that offer only a "unilateral" tail. This means that tail is only available if the carrier terminates, cancels, or nonrenews the policy. If you have an insured who is having issues and may need to cancel or nonrenew coverage, do not hesitate to request tail anyway. Sometimes the carriers will make an exception for this type of situation. If the insured wants tail so they can switch carriers to save money, the incumbent is not so disposed to assist. But if there's a genuine emergency, and the insured just cannot continue coverage, some have been known to be flexible.

Also, note that if the insured cancels for non-payment of premium or non-reimbursement of a deductible, tail is generally not available.

The Wild and Wooly World of Real Estate (10/16 - 11/6 Knowledge Knuggets)

Knowledge Knuggets for 10/16 - 11/6 have been about real estate classes of business. I previously posted one regarding inspectors and have combined both these topics into one over-arching post regarding real estate exposures and market status. Happy reading:

The Wild and Woolly World of Real Estate.....

Almost every real estate-related profession has seen quite the roller coaster in the last couple of years, and the end is nowhere in sight.

Two of the higher profile classes of business -- mortgage brokers and real estate agents -- are in a state of high turmoil. We have seen consolidations and closures of businesses, and insureds dropping their coverage because they don't anticipate continuing in the field, or cannot produce sufficient business.

The flip side of the coin is on the carrier side, where many, many markets that used to write these lines of business quite readily are no longer in play. There are a few carriers that are still willing and able to write, although they are taking a conservative approach.

The real estate classes of business which you will run into, and which may be more difficult to place are:

Real estate agents and brokers
Mortgage brokers and bankers
Title agents
Escrow companies
Home (and other) Inspectors

In the world of real estate, agents are differentiated from brokers with regard to legal scope and services rendered. Generally speaking coverage is available only for brokers, or for firms with a licensed broker. As a practical matter, this does not pose a problem, because agents need to affiliated with a broker in order to perform services, so you will not (one would hope) ever face a situation where you need to insure an agent who is not working with a broker.

In some states, professional liability coverage is required to meet licensing standards, and in those states, there is frequently an "approved" program. The state-endorsed programs I have reviewed tend to cover only the individual agents and brokers, not the real estate agency (entity) itself. To the extent the agency holds no assets, it may not need protection, as it has "nothing to lose", but unless the owner is willing to fold the entity should a claim be made against it, declare bankruptcy, and open up another agency (all of which might create heartburn with the regulatory bodies) it's a good idea to contemplate a separate or excess policy for the entity.

Be aware that some carriers are very good at insuring pure real estate agents/brokers, but falter when mortgage broking, property management, escrow, or other related services are provided. Carriers' approach to real estate agents conducting transactions on owned properties also varies widely. Most carriers also require a minimum number of years experience (usually three to five) before a new firm will qualify for coverage.

Common causes of loss for real estate agents and brokers include failure to disclose (problems in a property or conflicts of interest such as dual agency), and discrimination. Discrimination is frequently excluded in a typical policy, but it could be picked up by third party coverage on an EPL policy, if the EPL underwriter is willing. Personal injury (libel, slander, etc.) is a good coverage to keep an eye out for, and most real estate professionals have a strong privacy liability exposure which is generally not covered by a typical E&O policy. A privacy liability policy that includes loss of paper documents would be key to address this exposure.

Next on the list is mortgage bankers and brokers.

This is such a rich and complex topic, I could spend two or three weeks, or a book, on just these opportunities and exposures. But I'll spare you for now, and perhaps put together a white paper, which I will later post on the blog. (

First thing to know is that "mortgage banker" and "mortgage broker" are not interchangeable terms. Sometimes it doesn't seem that way, because insureds will say they're a "mortgage company", and they're not specific about what they do. Also, many carriers will say they cover "mortgage brokers/bankers" when in fact they don't provide coverage to mortgage bankers at all, or they do so on a very limited basis.

Here's the basic difference between the two:

A mortgage broker simply originates loans. They work as an intermediary between the lender (or many lenders) and the borrower. Not unlike an insurance agent.

A mortgage banker may originate loans, but most importantly, they actually fund the loans. They can do this with their own funds, or through what's called a "warehouse line of credit" where the money is supplied by investors or other lenders. After they fund enough loans, they resell them, replenish their coffers (or their credit line), and fund more loans.

Both types of entities can service loans (collect payments, manage hazard/tax escrow accounts, etc.), but that is a separate service in which they may or may not engage. More mortgage bankers do at least a little servicing, because they need to manage their loan portfolio until they can sell the loans to the secondary market. They can do the servicing themselves, or they can outsource it.

In many states, mortgage brokers must be licensed. Some states do not have a specific mortgage broking license, and the mortgage broker operates under a real estate agent's or broker's license. Licensing is one way you can tell the difference between a mortgage broker and a mortgage banker. Another way is a look at the company's balance sheet. A mortgage banker will have money somewhere. If you suspect an entity is a mortgage banker, and they don't have money on their balance sheet, the next question is "do you have a warehouse line of credit?"

Major exposures:
• Lack of disclosure of loan terms or fees
• Violations of RESPA (a real estate regulation)
• Discrimination
• Conflicts of interest
• Inappropriate underwriting or submissions

Some, but not all, of these exposures can be covered by E&O policies.

A lot of markets who were writing mortgage brokers have stopped, or are only writing retro inception now. Many who were writing mortgage bankers have stopped. Most markets are excluding subprime loans and have added other exclusions. Since many of your potential insureds have a retroactive pool of subprime activities, beware of this exclusion and try to get subprime coverage at least on the past acts, so you can avoid a gap.

Home (and Other) Inspectors:

There are several types of inspectors for whom E&O can be written. Some -- usually home inspectors -- are required to carry coverage by law in certain jurisdictions.

As a rule of thumb, most carriers want to cover those inspectors that only carry a clipboard, not a toolbox. So if an inspector also offers repair services, he or she becomes virtually uninsurable.

A quick summary of the types of inspectors:

Home Inspectors -- checking for habitability on behalf of the purchaser, generally pre-purchase
Commercial Building Inspectors -- pre-purchase inspections, or construction-completion inspections
Building Code Inspectors -- inspect for code compliance
Environmental Inspectors -- check for mold, radon, clean air, water potability, etc.

Home inspectors are the most common of these, and there are several programs for them, and some association programs. GL is frequently offered in combination with the PL. Contingent BI/PD, or lack of a BI/PD exclusion altogether, is a must for this class, as well as for all inspectors.

Some of the home inspector markets will write commercial building inspectors as well.

Code compliance inspectors are probably the most difficult class to write, but there are a few carriers who will entertain them, and a bare handful that will provide contingent BI/PD.

Environmental Inspectors are easier to write than one might think, but only if you're using the right markets. Most home inspector markets, and indeed most E&O markets, do not have an appetite for the pollution hazard and catastrophic contingent BI/PD exposure presented by environmental inspectors. Environmental markets, however, view this class favorably, and provide broad coverage and attractive pricing.

One thing to note -- the word "environmental" sometimes can refer to matters of industrial hygiene (the "environment" in which the workers perform their tasks). If the insured is involved in inspecting industrial plants and recommending modifications to ergonomics or processes, they are more along the lines of a safety consultant than a true "inspector", although the terms are somewhat interchangeable.

So after exploring real estate agents/brokers, mortgage brokers/bankers, and all manner of inspectors, your might ask "What else is there?"

It just so happens I have an answer for you.

Title agents, escrow agents, appraisers, foreclosure services, mortgage field reps, debt negotiators, property managers, leasing agents, as well as real estate investors and investments.

The first three classes mentioned above have seen an increasingly shrinking marketplace. Used to be they could be written for pennies on the dollar, and had many association programs that offered broad coverages on the cheap. However, with the downturn in the housing marketplace, and homeowners scrambling to find any way they can to hold onto their houses, there are increasing claims against these professionals.

Also, appraisers have been deemed to be in cahoots with real estate agents and mortgage brokers in supporting inflated home values that justified suspect loans, and now they are viewed with quite a bit of distrust by the carriers.

Several carriers have just outright stopped insuring these classes, and others are more closely underwriting and are increasing pricing and retentions.

Mortgage field reps are those people who will go out to a foreclosure property to make sure it's there, take a few pictures from the outside, and report back to the mortgagee. An interesting class without a huge exposure, they are frequently required by the mortgagee to carry coverage. One must be very careful to distinguish them from "home inspectors" because the risk is not at all the same, and only certain niche carriers do a good job with home inspectors, while other carriers altogether can do a good job with field reps.

Debt negotiators are all the rage. They will intervene with lenders on behalf of borrowers (or sometime at the behest of real estate agents or mortgage brokers looking to get some deals done) and facilitate the borrower and lender reaching a mutually beneficial agreement about how a loan can be structured. If the debt negotiator actually goes to the extent of proposing refinancing and/or shopping a refinance deal, they are actually a mortgage broker and must be insured as such.

Property managers and leasing agents haven't seen too much of an upset in this real estate market yet. Perhaps because rental properties are only more valuable and needed in this time where people are having to leave their homes, or where home sales have diminished. Commercial risks are not as easy to insure as residential, for the obvious reason that there is a lot more at stake in each transaction. Tenant discrimination coverage is generally provided separately from E&O. It can be written on the same policy, or in concert with the E&O, but it is a separate underwriting process, separate app or supplemental (or segment of the app).

Real estate investors and investments include all manner of private equity firms, REITs, 1031 exchanges, and any other type of person or firm that purchases, holds, manages, or sells property with investment funds for any reason other than to occupy it themselves. Most of these firms execute deals on behalf of third parties on at least one-half of the transaction (i.e. a third party buyer, or a third party owner), they may be completely arms-length facilitators with both buyer and seller being third parties, or they may be executing transactions for the benefit of investors. This private equity exposure has become more difficult to insure as the profit prospect of this line of investment has become more questionable. However, coverage is still available at a price, especially for insureds who have a track record of success and who provide proper disclosures to investors.

One interesting thing regarding real estate investment-related firms -- the D&O and E&O exposures are frequently indistinguishable and should generally be written together on one policy, or at least with one carrier. You can imagine the difficulty in trying to sort out whether the sale or management of a property gone bad is an affront to the investors as a fiduciary issue of proper caretaking of corporate assets, or whether the investors got rooked into a deal where the so-called professionals couldn't tell La Jolla from a hole in the ground and were incompetent to perform the services of evaluating, buying, managing or selling properties. Does the claim arise from the professional service rendered? Or does it arise from the breach of fiduciary duty as a D or O of the company? Much safer to insure both whenever possible.

Friday, August 15, 2008

Business Risk or Insurable Exposure? (8/14 Knowledge Knugget)

Recently, I've been seeing increasing requests for coverage for activities that would not typically be considered professional services. Of course, with the growth of Miscellaneous E&O/Professional Liability beginning about 10 years ago, the line between "professional", "errors and omissions", and "uninsurable business risk" has become increasingly blurred.

Here are some pointers for identifying a potential errors and omissions exposure for which coverage might be available:

Can your insured's activity result in financial loss to a third party (your insured's customer, or client of the insured's customer)

Is your insured performing a service?

Can you think of a way that service can be defined and its potential to cause financial loss anticipated?

Can a loss occur due to an error or omission, versus the typical "occurrence" or "accident" that gives rise to a GL claim?

Can the service that could result in financial loss be isolated from the core services covered by GL?

Can a rating basis be allocated to such service?

If you can answer most of the above questions "yes", it's possible there's an insurable "professional" service in your insured's operations.

There are some carriers willing to be very creative in this marketplace. Although some are stuck in the "that's a business risk" mentality and will not consider cutting edge coverages, others will rub their chins, put their thinking caps on and come back with "yes, we can do that". Then it's merely a matter of matching up the carrier's desired pricing with the insured's sensitivity to risk.

Sometimes insureds are unaware of these exposures or just assume they cannot be covered. Many formerly "uninsurable" business risks are now covered under the common D&O policy with entity coverage. Others can be insured with an appropriate errors and omissions policy. The scope of coverages available is constantly expanding, so don't be afraid to ask about these exposures.

Some examples:

Picking and packing exposure of a distributor
Freight forwarding exposure of a manufacturer that exports their own goods
Third party exposure for owned real estate sales or property management
Concept artist for playground equipment (not a design professional)

Friday, August 8, 2008

What's in a Name? Part 4 (8/7/08 Knowledge Knugget)

Continuing with our issues regarding DBAs of Insureds....

4. Not only can the inclusion of DBAs in the Named Insured imply that those who are not listed would not be covered, there is also the question of operations conducted outside the DBAs, and in the legal entity's own name. For example, if Acme Corp. does business as Joe's Business Consulting, and Joe takes a large job as Acme Corp., if the declarations page reads "Acme Corp. dba Joe's Business Consulting" is Acme Corp covered for consulting done in its own name? Food for thought.

And you can see the even greater difficulty if Joe's Business Consulting was the Named Insured, Joe performed his services as Acme Corp., and a claim came in against Acme, as we discussed last week.

5. The last issue for this segment is that if the Named Insured is a DBA, there can be all manner of gyrations underneath that level that might never come to your attention, but which can void or compromise coverage. Actual ownership of the underlying entity can change, the entity itself can be bought or sold, but if the DBA is the Named Insured, and it continues its operations and public presentation with no change, the insured(s) may never think to come to you to effect appropriate changes in their policies. If a claim occurs, not only could there be questions raised about continuity and identity of the entity(ies) insured, but policy conditions prohibiting assignment of the policy without carrier consent could come into play to void coverage, and change of control provisions could also have been unwittingly triggered, no tail offered, etc.

There are a few ways to address these issues and pitfalls.

First, make sure you understand how your insured is structured and what their legal names and entities are. Make sure all legal entities are shown on the applications, and on the policies. That will eliminate the situation where the carrier pleads ignorance, never having heard of the underlying entity prior to the claim.

Second, if your insured is concerned about coverage for DBAs, ask them to provide you with a list of all dbas, and refresh that list during your annual account review. Also advise your insured to keep you apprised of any and all changes and additions to DBAs. Take that list, and submit it to your underwriter or wholesaler, and ask them DBAs are handled, and how they want to keep track of them, if they feel they need to. The key question is - does a DBA need to be shown on the policy to trigger coverage if a claim is made against them. (I will survey companies on this matter at some point in the future and share my results.)

Third, if your insured does 100% of their operations under a limited, stable number of DBAs, listing the legal entity and the DBAs on the dec is relatively safe and straightforward, but see concern 4 above.

Carriers are generally more likely to respond to a claim against a DBA if they insure the underlying legal entity, than they are the other way around. So the most important thing to remember is that the underlying legal entity must be named on the policy.

There are more things to discuss regarding names, but we'll take a bit of a break and return to the subject later.

What's in a Name? Part 3 (7/31/08 Knowledge Knugget)

Continuing our quest to find the perfect name for our Insured, let's talk about DBAs.

What is a "DBA"? Generally, a "DBA" is a trade name your insured has registered with state or local agencies, as required, in order to use that name in the public domain. The DBA may or may not have any relationship to the insured's legal name. In some jurisdictions, as long as the trade name has certain things in common with the legal name, it need not be registered.

Many insureds want their DBA listed on their policy. This is understandable, since it's the name the public sees most often, and the insured is concerned that if a claim is made against them, it will be made in the name of the DBA, not the insured's legal name, which may not be readily apparent.

However, having the DBA as the Named Insured is a technical error, and even including them along with the Named Insured can be a slippery slope. Here's why:

1. Most applications and declarations pages in professional liability refer to the insured organization or entity. A DBA is neither an organization, nor an entity; it is merely a name. If the DBA is the *only* item shown on the dec, there can be issues when a claim is made against the legal entity behind the DBA, as this will be the first the underwriters have heard of the legal entity, and they tend to not appreciate the lack of disclosure when the application has previously requested the information. (I have seen a claim declined for this, although eventually, after much proof and hassle, we were able to get the carrier to agree to accept the claim.)

2. As an agent, there are many tricks of the trade you can use to make sure you're getting the right information from your insured. Among the foremost is spotting an inconsistency between the organizational form and the insured's proposed name on the app. If the insured is an LLC, a corporation, partnership or other legal form of organization, there are generally laws requiring that a signifier, like "inc." "corp" or "LLC" be used in their name. If your insured is not a sole proprietor, but you don't see "inc." or some other kind of organizational signifier on their app, ask if the Insured Name provided to you is a dba, and if so, get the legal entity name and use it instead of, or in addition to, the dba. (This is a best practice for all your lines of coverage -- not just professional.)

3. Some insureds "do business as" one name for certain operations of their company, and "do business as" a different name (or perhaps no name other than the actual company's legal name) for other operations. This is not uncommon when there are various operating divisions or diverse income centers in an entity. If you have listed one DBA on the policy, then another pops up and you are not advised about it and therefore it is not added to the policy, is it covered? It may depend on how your claims adjuster feels at the time of loss. And as a practical matter, maintenance of a large schedule of DBA names may not be a cost-effective or prudent use of your time.

Stay tuned for more issues and some solutions next week....

What's in a Name? Part 2 (7/24/08 Knowledge Knugget)

Back to our friends at Acme Corp/Beta Corp and their naming challenges.....

If Acme Corp. had not merely changed its name to Beta Corp. but had actually had a change in ownership, had reincorporated, or had taken on investors who acquired a majority interest in the company, there could be significant interruptions to coverage well beyond what a change of name would entail.

We won't go into those right now (stay tuned for a later Knowledge Knugget about Change of Control), but suffice it to say that any time one of your insureds approaches you with a request to do anything to its name on its insurance policies, you are in a red flag situation (at least as it pertains to their professional liability coverages) and will likely need to pose some additional questions.

Insureds frequently underestimate the impact of their internal or structural changes on their coverages, and they also frequently do not want to divulge all of the particulars to their agent.

That having been said, here are some areas in which your insureds' name(s) can cause challenges:

1. DBAs -- to include or not include is the question
2. Operating divisions or trade names
3. Parent or sister companies
4. Shareholders/owners/partners/LLC members
5. Subsidiaries
6. Additional Insureds
7. Scheduled Insureds
8. Deleting individuals

These areas are in a broad category regarding "Who is an Insured", and we'll explore them over the weeks to come.

Thursday, July 17, 2008

What's in a Name? (7/17/08 Knowledge Knugget)

Because professional liability coverage is established through the definition of professional services, and because the coverage is written predominantly on a claims-made basis, the issue of who is named as insured, and when, can make or break your coverage.

There are several situations in which the naming of the insured and the timing of the name can create challenges.

Here is an example:

Acme Corp. is insured with a policy running January 1, 2006 to January 1, 2007. In
October of 2006, Acme changes its name to Beta Corp. Nothing else changes. The operation remains the same; the ownership remains the same. You would want coverage to continue with no changes.

The agent will usually request the named insured be changed to Beta Corp in this situation. What you really want is to add Beta as an Insured. Here's why:

Although there would be a paper trail of coverage for both Acme and Beta in the '06-'07 policy, what happens when the policy renews January 1, 2007, and the Named Insured on the policy now reads "Beta Corp.," and Acme is nowhere to be found?

If a claim is made and reported on April 1, 2007, and the defendant is Acme Corp., does the policy need to respond?

Technically, unless there is predecessor firm wording in the policy, Acme Corp. is not an insured during the '07-'08 policy period, so a carrier could decline coverage. As a practical matter, if the '07 policy renewed with the same carrier that wrote the '06 policy, they would have a difficult time declining. However, if the '07 carrier is a new one, they have no history with Acme Corp., possibly no knowledge of Acme Corp., and even though they may have provided prior acts coverage on the policy, the defendant is not an Insured.

To avoid this stumbling block, leave the Acme name on the policy. Do not "change" the name. Merely add Beta to the policy.

Stay tuned for more examples and solutions next week.

Thursday, July 10, 2008

Tail Trials and Tribulations - Part 2 (7/10/08 Knowledge Knugget)

So why would it matter if your insured's Extended Reporting Period (ERP) provision was uinlateral or bilateral?

Generally, an insured is not planning on going out of business, being purchased, having claims, or doing anything else that would make continuing with his existing policy undesireable. When any one of these things happens, and your insured needs to change carriers, or discontinue coverage altogether, it's exceedingly important that he have the opportunity to trigger tail with the expiring carrier.

He may not need to, depending on alternative terms available, but if alternative terms are unattractive (lower limits, reduced scope of coverage, higher retention), or if the alternative carrier refuses to provide prior acts coverage, the insured could find himself in a situation where he cannot change carriers without risking a gap in coverage.

This gap arises when a carrier on a unilateral tail policy offers renewal terms that are unfavorable, yet because the policy has not been nonrenewed or cancelled, the unilateral tail provision is not triggered. Or, the insured could cancel the policy mid-term, due to financial concerns, sale of the business, or other needs, or non-renew at the policy expiration, and he then has no ability to preserve reporting capability under the cancelled or expired policy. Again, this is because the *carrier* did not do the cancelling or nonrenewing.

Frequently, the insured may not have been in a position financially to purchase the tail, but you want that to be his decision, not a result of a placement that doesn't allow for tail to be purchased.

Unilateral tails are not the industry standard, but they are definitely on the street. You will want to check policy wording to ensure that the tail offer (Usually under a section entitled "Extended Reporting Period," or "Optional Extended Reporting Period") starts out with "If the Named Insured or the Carrier cancel or nonrenew.....". If the wording starts out with "Should the carrier cancel or nonrenew...." and the Named Insured is not included in that paragraph, you may have trouble brewing.

Thursday, July 3, 2008

The Extended Reporting Period, or -- Tail Trials and Tribulations (7/3/08 Knowledge Knugget)

Most claims-made policies have an extended reporting period (ERP or "tail") provision. This provision allows a pre-set period of time in which an insured can report claims made after the expiration of a policy.

Although the extended reporting provision is a very standard offering in claims-made policies -- even required by law on admitted paper in most jurisdictions -- it is anything but standardized.

If an agent reviews anything about an ERP while evaluating terms, he or she will generally look at the pricing compared to competing terms. i.e., does a 12 month ERP cost 100% of the expiring premium, or 150%, or less.

The cost of an ERP should be the least of the agent's worries. Most anything that is undesireable about an ERP will not be discovered until after it becomes an issue.

One example of this is whether an ERP is offered on a bilateral or unilateral basis. A bilateral tail can be triggered by either the insured or the carrier nonrenewing or cancelling the policy. A unilateral tail can only be triggered if the carrier cancels or nonrenews the policy.

Next week, we'll talk about how this difference can cause unexpected problems.

Critical Coverage Concept - The Hammer Clause (6/26/08 Knowledge Knugget)

Last week we talked about the Consent to Settle clause wherein carriers agree to not settle any claim without the insured's consent.

When the carriers make that provision, they frequently (but not always) qualify it by adding what's called "the hammer clause".

The hammer clause provides that the carrier requires the insured's consent to settle, but if the carrier negotiates a potential settlement that it likes, and the insured does *not* consent......then the insured is responsible for all defense costs thereafter, and if the settlement exceeds the initial negotiated potential settlement, the insured is also responsible for the additional settlement amounts.

As you can imagine, the spectre of having to pay ongoing litigation costs, and the potential of being responsible for hundreds of thousands of dollars of damages has a chilling effect on the insured's desire to continue litigation without the carrier's support.

In this soft market, many carriers are providing what is called a "velvet hammer" or a "softened hammer". This is seen most often in D&O and EPL forms, but can occur in others. A velvet hammer is a compromise where the carrier provides some amount of defense and/or indemnity after the insured refuses a recommended settlement offer. The carrier's participation usually is around 70% to 80% of continuing defense and eventual settlement costs, and the provision requires that the insured bear the remaining amount itself (no insurance allowed!).

If the market continues to soften, we can expect to see this provision eek into other classes of business as well.

Some carriers provide additional motivation for the insured to accept the first settlement proposal. This motivation generally comes in the form of a reduction of the deductible, sometimes up to 50%.

Critical Coverage Concept - Consent to Settle (6/19/08 Knowledge Knugget)

  • Most professional liability policies contain what is known as a "consent to settle" clause. This coverage provision extends to the Insured control of the settlement of a claim. The insuror may negotiate a potential settlement, but cannot settle without the Insured's agreement.
  • This provision arises from recognition of the potential reputational harm that can be done to a professional by virtue of a carrier settling a claim, thereby imputing liability where none may have existed.
  • This reputational harm can have a negative impact on the professional's ability to earn a living, and can also be a magnet for additional claims. Carriers are very cognizant of this slippery slope and endeavor to avoid it by seeking the insured's agreement to any proposed settlement.
  • In policies where the carrier does not assume the duty to defend, there is generally no consent to settle provision, as the carrier does not take control of the settlement negotiations. There are just a handful of exceptions to this rule.
  • I have heard some people opine that the consent to settle provision is mere window dressing. After all, GL policies do not provide such an enhancement to their insureds. True, but GL claims do not speak to the reputation of the professional, do they? In any situation where all other things are equal, I would definitely prefer to provide the consent to settle to our insured, rather than underestimate its importance. Certainly, the decision to forego such an enhancement should be made by the insured. Not by his or her broker

Critical Coverage Concept - Defense in Addition (6/12/08 Knowledge Knugget)

You may have noticed by now that most professional liability policies lump defense expenses and damages payments into a single policy limit.

This has historically been the case for most lines of professional liability because the vast majority of costs associated with professional liability claims are the defense expenses.

In this soft market, and in some lines, we are now seeing "defense in addition" to the limits being granted.

Here, we must exercise caution.

Unlike GL, when a professional liability carrier talks about "defense in addition", they rarely mean unlimited defense. Many carriers actually limit the defense in addition to the same limit purchased for liability, or a maximum of 1mm.

For example, if your insured purchased a 500,000 limit of liability with a "defense in addition" carrier, the defense is generally limited to 500,000. If the insured purchased a 2mm limit, the defense could well be capped at 1mm.

There are just a few companies that will provide *true* defense outside the limits. They set defense expenses completely outside the limit wording of the policy, and with those companies the defense works very much as it does in GL. Combined with the insured retaining control over settlement, this coverage packs quite a positive punch.

Generally, if an insured must pay for additional capped limits of defense, it is prudent to at least consider increasing the entire limit instead. Doing so tends to cost just a tiny bit more, and it ensures that limits are available for whatever need presents itself.

Friday, June 6, 2008

Professional Services Definition, Part 2 (6/5/08 Knowledge Knugget)

Last week we were talking about the professional services definition, and how omission of a core activity of your insured in that definition can lead to a coverage gap.

How do you know what *must* be shown in the definition? There's no easy answer to this question.

In a perfect world, all activities of the insured would be accurately and fully described. Yet insureds embark on slightly different, but very much related, activities on a daily basis, and neglect to inform their agents. (say it isn't so!!)

So a broader, more all-encompassing description is generally preferred.

Let's think about a definition of "mortgage broker" on a policy. What professional activities would that necessarily include? Loan originations, surely. Loan servicing, sometimes. Making representations to borrowers and to carriers, and shopping loans. All of these activities are "incidental" to the world of mortgage broking, and do not need to be specifically listed.

What is "incidental" is generally established by custom. Would real estate sales be "incidental" to a "mortgage broker" definition? Probably not, even though in many states, mortgage brokers must have a real estate license. So if your insured did mortgage broking *and* real estate sales, you would want both activities listed on the declarations page or definition of professional services.

Here's another example for you: Insurance agents frequently perform risk management or insurance consulting services. Sometimes their policies specifically list those activities as covered, but even if the policy did not specifically state those activities, no one would be surprised to find an insurance agent doing them, and they would be considered "incidental". However, if one was insured as a "risk management consultant" on a policy, would the sale of insurance be considered incidental? Probably not. Risk management consultants frequently are not licensed as agents (depending on jurisdiction), and a full-time risk management consultant rarely actually executes the insurance placement, although he or she may work with an agent to get the placement done.

The key here is to look at your insured's scope of services in terms of the big picture, then ask your underwriter for confirmation that anything unique, specific, or out of the ordinary is considered by him or her to be "incidental" to the core definition, and if not, get it added to the definition.

And make sure your insured reads and understands at least that part of his or her policy. Sometimes they feel it's the underwriter's responsibility to go to their website and check out what they do, and they assume that everything an underwriter could know about is covered. That would not be the case. So even if your insureds don't understand anything else about their policy, they should understand the scope of services that is covered, and give you the thumbs-up that their business is adequately described.

Thursday, May 29, 2008

Incident Sensitivity, Part 2 (3/20/08 Knowledge Knugget)

Why is Incident Sensitivity important?

  • If a claims-made policy is incident sensitive, or has a discovery provision, the insured may report to the carrier an error, a wrongful act, a circumstance, or an incident that it believes is likely to develop into a claim.
  • The claim trigger in a professional liability policy is usually a demand for damages. In the absence of a demand for damages, coverage cannot be triggered.
  • An insured could have a threatening letter from a disgruntled customer, a notice of intent to sue, a subpoena for information, or just a sick feeling in their gut when they realize an error has occurred that is likely to arise in a claim. However, until the demand for damages is actually made, whether in a demand letter or a suit, there is no claim.
  • In the absence of the ability to report a circumstance, an insured can know it will have a claim made against it in the future, and can be unable to move coverage when needed because it cannot ensure the future claim will have a home. New carriers will exclude the circumstance as a known wrongful act, or a circumstance which could reasonably be believed to give rise to a claim. The expiring carrier would not respond to the circumstance because it is not a claim, and would not respond to the future claim, because the policy would no longer be in force.
Can an extended reporting period solve this problem? Tune in to next week's Knowledge Knugget to find out.

Incident Sensitivity, Part 3 (3/27/08 Knowledge Knugget)

Can an Extended Reporting Period make up for not having incident sensitivity?

When we left our hapless insured, they knew they would likely have a claim in the future, and wanted to change to a new carrier, but could not put their current carrier on notice of the circumstance due to the lack of incident sensitivity. The new carrier wouldn't pick up the circumstance because it was *known* to the insured as a circumstance that would likely result in a claim. Can the purchase of an extended reporting period allow the insured to move to the new carrier and still sleep at night?
  • If the claim develops within the right time period, (within the ERP) the carrier would respond to it.
  • However, many carriers offer limited ERPs. Some are as short as 90 days. One, two or three years are the usual periods offered. A handful of markets will offer 6 or 10 year ERPs.
  • A detriment to purchasing the ERP is that the insured has now also limited his reporting period and coverage for all unknown previous acts that might give rise to a claim.
The take-away? Unless absolutely necessary, avoid policies that do not allow the reporting of circumstances, incidents, or wrongful acts the insured believes may arise in a claim. This reporting capability is very much needed and it is extremely hard to work around its absence and preserve needed coverage.

Perils of P&P Lit - (4/3/08 Knowledge Knugget)

What is P&P Lit?

P&P stands for "Pending or Prior". Lit stands for "Litigation".

Almost all claims-made professional liability policies have an exclusion for P&P Lit in them somewhere. It can be found in the insuring agreement, or in the qualification of what constitutes a claim, but is most commonly found in the Exclusions section of the policy.

P&P Lit is any litigation filed against an insured, or any litigation that is going to be filed against an insured. Seems fair, right? A new carrier does not want to be responsible for defending any claims that have already been filed against the insured or that are in progress.

Danger zone 1: A plaintiff can file a suit but not immediately serve the insured. This is known as a "blind lawsuit". The insured cannot report the claim, because he doesn't know about it. The current carrier cannot assume defense, because the claim has not been reported. The new carrier will not assume defense because the litigation was already in progress, even though the insured had not yet been served.

Danger zone 2: The "Interrelated Wrongful Acts" definition can take the general subject matter of existing litigation and tie it to what would otherwise appear to be a new demand. That relationship will subject the new demand to the P&P Lit exclusion. The exclusion itself sometimes casts a wide net and picks up related acts or subject matter.

Tech Talk - 1st Party Exposures, Part 1 (4/10/08 Knowledge Knugget)

You may have heard of identity theft and "cyberliability" and recognize that they are areas of concern for your clients -- especially those that are web-based or technology-dependent.

These third party exposures are not the only ones facing your techie insureds. There are additional First Party exposures you will want to consider.

These exposures include many types of attacks on systems that render your insured's technology unable to perform its core functions. Your insured's business basically cannot continue in the absence of the systems, or it is seriously hampered in its performance.

Some insureds rely upon backup tapes or hot sites in case of disaster -- whether physical or technological. However, data restoration can be flawed, and hot sites are quite expensive.

A proper first party technology policy will defray extra expenses and provide business interruption coverage for claims arising from covered perils.

Learn about those perils in next week's Knowledge Knugget.

Tech Talk - 1st Party Exposures, Part 2 (4/17/08 Knowledge Knugget)

Is direct physical loss the biggest threat to your web- or technology-dependent clients? You have probably written a property policy for your client, and may have added Electronic Data Processing (EDP) coverage. Will this take care of those things most likely to put your insured out of business?

One of the most important things an EDP form does is confirm that data is insurable property. EDP policies add coverages such as mechanical breakdown, brownout, and data reconstruction to your client's property coverages.

Neither a property policy nor an EDP policy or endorsement are likely to cover:
  • Corruption of data due to a hacker
  • Introduction of a virus that disables your client's system
  • Overloading of your client's bandwidth or email such that it can no longer function
  • Employee tampering or human error
  • Cyber-attack on your client's business partners that affects your client's operations
Tune in next week to see how first party technology/cyberliability policies are addressing these exposures.

(Again, we are focused here only on first party exposures, so the damages that can be done to third parties and the resultant liability are topics for another day.)

Critical Coverage Concept -- The Professional Services Definition (5/29/08 Knowledge Knugget)

Unlike GL, where a loss must arise from "your work" -- which is whatever you do, and sometimes restricted to the class codes listed on the dec page, sometimes not -- almost all professional liability policies rely upon a definition of professional services to formulate the boundaries of coverage.

More often than you would imagine, an insured's professional services, and the definition in the policy upon which he is relying for coverage do not match up.

Sometimes the definitions are imbedded in the policy wording, such as for architects and engineers, some insurance agents E&O forms, medical malpractice forms, etc. However, in the world of technology liability and miscellaneous professional, one will most frequently find the definition of professional services provided on the declarations page or by endorsement.

Differences can be subtle, or they can be broad. Take, for example, the incident of an insured who had a medical billing service and also did credentialing services for those medical offices for which she did billing. Her professional liability policy definition of professional services said "medical billing service" and made no mention at all of the credentialing services. If a claim arose from her credentialing service (which is *not* incidental to medical billing -- more about that later), would the carrier have any obligation to defend or pay a claim?

Some would argue that the definition on the dec is only a rating basis, as one finds in GL. But -- and this is a BIG BUT! -- the GL policy does not (unendorsed) refer back to that "class code" to define coverage, and the professional liability policy does! Review this paraphrased typical language, then go check some of your own policies and see what you think:

"We cover the insured for claims arising from Wrongful Acts." Wrongful Acts are then defined as "any act, error or omission in the rendering of or failure to render Professional Serivces." Then Professional Services are defined (I didn't say this would be straightforward) as -- " rendered to others for a fee solely in the conduct of the Insured's profession as stated in Item X of the declarations page."

Think about our medical billing lady. Any credentialing coverage there?

We'll talk about activities that are "incidental to" the defined services next week.

Unintended Consequences -- Or Ooops! What did that exclusion just do to my insured? (5/22/08 Knowledge Knugget)

....and speaking of fiduciary liability.....

What happens if your professional liability policy excludes claims arising from plans or activities subject to ERISA, and your insured is a third party administrator, payroll administrator, management consultant, human resources consultant....and their work necessarily touches on those same plans and impacts the administration of same?

The ERISA exclusion in a professional liability may be so broad as to negate desired coverage for your insured's activities.

For example, it may exclude claims "...arising out of...any responsibility or obligation in connection with any employee or benefit plan....". Could this exclusion apply to your insured's "responsibility or obligation" to perform services in administering clients' plans?

Or, it could exclude "...any of Your acts related to any pension, healthcare, welfare, profit sharing, mutual or investment plans....."

Pretty broad, right? Maybe too broad for your insured's safety and intended scope of coverage?

Preferred wording will exclude *only* the insured's fiduciary duty under ERISA, or will exclude only their involvement in their *own* plans, not those of clients. This can be accomplished by a narrow exclusion, or by a carveback to the exclusion for claims arising from the insured's professional services. (In the rare case that your insured is actually acting as a fiduciary and has been written on a normal professional liability policy, even more modification is needed.)

The ERISA exclusion wording varies widely from policy to policy. Read it carefully and ask for appropriate modifications if you have the least little concern that it is too broad for your insured. Chances are the underwriters are not really trying to throw the baby out with the bathwater. They just haven't ready their policy recently with your insured's operations in mind.

More "Ooops!" moments to follow in future Knowledge Knuggets. Be sure to put in your request if you've seen exclusions that trouble you.

Does My Insured Need Fiduciary Liability? (5/15/08 Knowledge Knugget)

Does your insured need fiduciary liability coverage?

Quite possibly.

  • Fiduciary liability coverage protects fiduciaries (those individuals in a company who bear *personal* liability for the caretaking of employee welfare and benefit plans and the funds that drive them) from financial disaster.
  • An ERISA Bond is not the same as fiduciary liability coverage. An ERISA bond is required to secure plan assets against dishonest acts. The bond comes in to play if there is an act of dishonesty -- absconding with the funds and a co-worker and heading for the Bahamas, let's say.
  • Fiduciary liability is more like professional liability coverage for the management members or owners who are responsible for establishing, authorizing, and/or overseeing the plans. This includes health insurance and any other plans subject to ERISA.
  • Even if your insured has outsourced day-to-day management of plans to a third party vendor, the individual fiduciaries cannot relieve themselves of their personal liability as fiduciaries. Therefore, they still need the coverage at least to fund their defense.
  • Recent events in the stock market and other investment vehicles (think sub-prime and bond rating disasters!) have made the likelihood of fiduciary liability claims much higher.
  • This coverage is very inexpensive, and is available both on a monoline basis, and as part of a D&O or Management Liability placement. It generally has a $0 deductible, and underwriting is quick and easy, if the insured has filed their Form 5500s such that they are available on line.

Contingent Bodily Injury/Property Damage Part 2 (5/8/08 Knowledge Knugget)

How can a professional liability policy cover contingent BI/PD?

Keep in mind that the following examples do not apply to design professional or healthcare liability policies, where the risks have a direct exposure, and the policies address it accordingly.

1. A policy may have no BI/PD exclusion. This is rare and does not actually extend coverage. The carrier may still put forth an argument about the BI/PD having arisen from the rendering of or failure to render professional services, since the damage would not be a direct result of the services, but rather an outgrowth of a third party's use of or reliance upon those services.

2. A policy may have a BI/PD exclusion with narrow wording. A typical exclusion applies to claims "arising from, related to, or in any way connected with bodily injury or property damage....". This wording can be used to exclude coverage for any claim where bodily injury or property damage is at the root of the harm. A narrower exclusion that says the policy does not apply to claims "...for bodily injury or property damage..." is generally understood to apply to direct infliction of harm, leaving the door open for contingent claims.

3. A policy may have a BI/PD exclusion with a carveback for claims arising from the delivery of professional services. Wording such as "....however, this exclusion does not apply to claims arising from...." This is a pretty straightforward solution and is just about the best you can get.

4. An affirmative coverage grant would be the best possible way to address this exposure. It is not common. With an affirmative coverage grant, BI/PD could be included in the definition of Wrongful Act. We do frequently see "Personal Injury" included in the definition of Wrongful Act for some classes of business, such as real estate or insurance agents.

Think through this example:

A software developer creates a program that operates a robot on an assembly line. The robot goes haywire and starts knocking parts off the conveyor belt, and thrashing around, destroying equipment. Which exclusion or coverage clause would you prefer?

Check the blog in the next couple of weeks for more detailed explanations and thoughts beyond the scope of the Knowledge Knuggets.

Contingent Bodily Injury/Property Damage Part 1 (5/1/08 Knowledge Knugget)

What is "contingent bodily injury/property damage" coverage? And why do you care?

General Liability policies cover bodily injury or property damage arising from the insured's operations or products. They also generally exlude claims arising from professional services, thereby limiting coverage for a professional to premises liability.

Professional Liability policies cover claims for damages made against the insured by a third party arising from a Wrongful Act. The Wrongful Act is generally an error, act or omission in the rendering of or failure to render professional services.

For most classes of professional liability coverage (Architects and Engineers, and Medical Malpractice being the notable exceptions), there is some kind of exclusion regarding claims arising from bodily injury or property damage.

What happens if your insured is a home inspector, and he fails to notice a leak in the roof? The leak goes undetected until the ceiling collapses. Could he be liable for the collapse? Would his GL policy respond?

If we want the home inspector to have coverage for property damage that occurs due to his negligence, we need to make sure that his professional liability policy provides contingent bodily injury/property damage coverage.

The "contingent" part of that phrase refers to the BI/PD arising *as a result of* his professional services. They are not a result of his direct actions. They are a result of others relying upon his expertise.

More examples and detail to follow next week......

Tech Talk - 1st Party Exposures, Part 3 (4/24/08 Knowledge Knugget)

How are first party technology/cyberliability policies addressing your clients' exposures?

There are many markets offering monoline first party policies, and even more offering first party coverage as part of a combo policy covering both first and third party exposures.

These policies cover many non-physical and some physical causes of loss, provide extra expense and business interruption coverage, and other bells and whistles. Perils and coverages vary widely. A quick run-down of possibilities:

Perils covered include:
  • Computer virus
  • Unauthorized access
  • Employee mistake or tampering
  • Internal/External hack attacks
  • Denial of service attacks (such as flooding bandwidth)
  • Loss to customers or vendors that impacts your client's business
  • Cyber-extortion
  • Natural disaster
  • Power surge
  • Theft/physical damage

Types of loss covered:
  • Business interruption
  • Extra expense
  • Forensic expense
  • Data recovery cost
  • Public relations cost

Sunday, March 16, 2008

What does a D&O policy cover?

One of my agents just asked me for a brief overview of what a D&O policy is supposed to do. One of his clients has an attorney who is recommending they purchase the coverage (good attorney!!). But apparently, the attorney could not explain to the client's satisfaction *why* they should have the coverage.

Below is a copy of the very high level overview. Feel free to use it to educate your insureds.

D&O Coverage Overview

By law, directors and officers of corporations bear legal responsibility for certain actions pertaining to their management and oversight of the entity. This responsibility arises generally from the three common law duties of directors and officers. They are:

The Duty of Care

The Duty of Loyalty

The Duty of Obedience

When a director or officer violates one of these duties, claims can arise, brought by shareholders, customers, vendors, competitors, employees, or regulatory or governmental entities. Claims brought by shareholders can be made on their own behalf, or on behalf of the corporation (known as a “derivative” suit).

The corporation may or may not be able to indemnify directors and officers for their legal expenses and any settlements or judgments. Whether the entity is able to indemnify can be a matter of legality, parameters of the bylaws, or financial ability.

Directors and Officers liability policies are a common tool used to ensure that the entity will have the financial means to indemnify directors and officers for their expenses. The policy also removes some of the questions regarding legality or bylaws, because the entity is not forced into an adversarial position with the Ds & Os in order to protect its own assets.

Most directors and officers liability policies for privately-held entities have another coverage feature – the entity is also an insured. This is a recent coverage development, having begun in 1994.

This protection for the entity for claims brought against it for its own actions brings into coverage many causes of loss that used to be considered “business risk” and uninsurable.

Claims from competitors, vendors, and customers regarding business practices, competitive position, corporate conduct, and sometimes even contractual breaches can frequently be subject to coverage at least for defense, and sometimes for indemnity.

Thursday, March 13, 2008

Incident Sensitivity, Part 1 (3/13/08 Knowledge Knugget)

What is "Incident Sensitivity"?

  • The term "incident sensitive" is most common in medical malpractice, but the concept is universal in professional liability and critical in claims-made policies.
  • In D&O policies and some other E&O forms, it's known as a "discovery provision"
  • Incident sensitivity allows the insured to put its carrier on notice of potential claims, circumstances that the insured reasonably believes could arise in a claim, or an act that could be "wrongful" and result in a later claim.
  • Once such an incident or circumstance is reported, the carrier will respond to a future claim arising therefrom as if that claim had been reported during the policy period.
Why is this important? Tune in to next week's Knowledge Knugget to find out.

Intellectual Property Basics (3/6/08 Knowledge Knugget)

Did you know.....

  • There are two types of intellectual property coverage?
    • One protects your insured against allegations of infringement ("defense" coverage)
    • The other provides your insured funds to protect their own intellectual property against an infringer ("abatement" or "enforcement" coverage)
  • There are over 12,000 IP suits filed annually, with a median cost estimated at 5.5mm
  • Being granted a patent does not mean that your insured is safe from infringing on others. The patent office uses different standards than competitors and courts
  • IP coverage can extend to copyright, trademarks, and trade dress. It is not limited to patents

Monday, March 3, 2008

Tech Talk (2/28/08 Knowledge Knugget)

Insureds involved in Information Technology or those with Websites (especially sites which are more than content-only) have unique exposures.

The 2004 CGL form automatically excludes AI/PI for many of these insureds.

The following coverages can be found in technology or cyberliability forms:

  • Intellectual property -- coverage for plagiarism; infringement of slogan, trademark, or copyright; unfair trade practices arising from same
  • Unauthorized access -- unauthorized persons intruding into system, or authorized persons engaging in unauthorized acts
  • Malicious coding or programming -- introduction of viruses or other harmful code

Other coverages may be available. Policies are manuscript, and coverage varies widely.

Sunday, February 24, 2008

Information Risk -- a Mini White Paper

The below information is developed specifically to address the information risk in a continuum of care environment. For non-healthcare or non-residential exposures, some of the exposures are lessened or removed, such as HIPAA, or the heightened exposure when the potential victim of an identity theft is not competent to conduct their own affairs.


An insured may have control over three kinds of information, the misuse or loss of which can cause harm.

  • Private information (social security numbers, drivers licenses, bank account, credit card, address, familial connections, etc.)
  • Medical information (illnesses, prescriptions, physician relationships, prognoses, genetic predisposition)
  • Mission critical information (client-specific data used to deliver care, billing information, information used to support credentialing and compliance)

Loss or impairment of the first two types of data can result in third party liability. Loss or impairment of the third type can result in business interruption.

From whence does liability arise?

Inherent in an insured’s relationship with its clientele is faith on the clientele’s part that it will be no worse for dealing with the insured than if it had not done so. When a client puts its private, sensitive information in the insured’s hands, it has a right to expect that information will not be intentionally, accidentally, or negligently used to harm the client.

This basic presumption has been bolstered by legislation in many states, and in some federal acts. Requirements for proper caretaking of private information are specifically codified for medical information, and are addressed in various legislative acts pertinent to certain industries, and in some cases, general business. These legislative acts require not only the proper securing of data, but also the notification of clients whose data has been compromised, among other actions.

Additionally, an insured may assume liability through commitments made in its contracts with clientele.

What kind of loss may occur?

A client whose data is compromised may become the victim of identity theft or other fraud. Fraud has long been an issue in an environment where the client may not be fully in charge of his or her faculties, or may be dependent upon others to take care of his or her estate or business and private affairs. This historical exposure has now been complicated by the rampant abuse of private information in establishing false identities, false accounts, false medical identities (to steal medical care), and false working credentials.

Any of these breaches of a client’s identity could cause not only financial harm to the client, but also to his or her estate and/or beneficiaries, as well as untold amounts of stress, emotional distress, mental anguish, time and money spent repairing damage and getting records corrected, and so on.

Loss or impairment of mission-critical information also can compromise the insured’s day-to-day operations and require costly data reconstruction or extra expense to operate emergency backup systems. As a side note, if the entity is not properly protected against loss of data, or does not have a plan to quickly replace lost data that is mission-critical, there could be liability to the directors and officers for failing to have such a plan, especially if the loss of the data impairs patient/client care in any way.

Impairment, loss or misuse of data can occur through malicious actions of intruders, or can be perpetrated by employees. It can also occur accidentally, such as through transmission of data to an unintended recipient, or failure to shred sensitive documentation.

In addition to third party liability and business interruption exposures, the insured is at risk for a reputational loss. Due to requirements to disclose data breaches, it is no longer possible to keep such an event completely quiet. Add to the required disclosure “word of mouth” publication of the event, and the insured can easily be harmed by common knowledge of its inability to safeguard sensitive information.

What coverages can be found?

Many policies today can provide coverage for third party liability for private and medical information. The scope of coverage can vary from web or network-based exposures to physical forms of data, and from solely outsider actions, to those perpetrated by an employee. Most policies will cover not only identify theft outcomes to data breaches, but also personal injury damages. Some will provide sublimits for notification costs, and for credit repair costs, as providing credit repair to breach clients mitigates the potential liability loss.

Some of these policies will also extend coverage to first party exposures. The causes of loss revolve around hacking, denial of service attacks, viruses, and other technology-driven actions. Many insureds rely upon their backup systems as protection from business interruption due to information loss. However, backup tapes may not be as current as expected, duplicate systems can be expensive, and technology-driven loss of data does not trigger an EDP policy or the business interruption provision of a property policy. Therefore, most insureds are bare on this exposure.

Identity Theft Basics (2/21/08 Knowledge Knugget)

  • Identity Theft incidents lead to 45 Billion dollars of loss in 2007
  • More than half of the thefts surveyed occurred via physical media versus electronic means
  • Your insured can have liability for information breaches due to tort, contract or legislated obligations
  • Network security/information policies can cover both third and first party liability exposures (legal liability and business interruption)
  • Some policies cover losses perpetrated by employees
  • Coverage can be purchased on a monoline basis, or as part of a professional liability or other type of package or executive protection policy

Sunday, February 17, 2008

Sarbanes Oxley & Nonprofits (2/14/08 Knowledge Knugget)

Did you know that many nonprofit organizations are subject to provisions of Sarbanes-Oxley?

* Nonprofits with revenue greater than $1,000,000
* Nonprofits expending more than $500,000 of federal funds
* Must comply with certainSarbanes-Oxley provisions regarding audits.

Failure to comply can result in personal liability for the directors and officers. Check your nonprofits' D&O coverage to make sure it is up to date and limits are adequate.

Wednesday, February 13, 2008

EMail News Service launched 2/14/08

Tomorrow is the first day of my weekly email news service. This service is called Knowledge Knuggets and brings agents small, consumable bites of important information on a variety of professional liability topics. Knowledge Knuggets take about 10-15 seconds to read, and recipients can call or email for more information, or initiate dialogue as desired.

I'm looking forward to delivering these critical pieces of information into agents' hands and minds on a regular basis and am sure they'll provide much food for thought and stimulate conversation and production opportunities for all.

If you are not currently receiving Knowledge Knuggets and want to be added to the mailing list, please let me know by emailing me at