Each and every insurance agent is responsible for their individual recordkeeping as part of the professional standards of conduct. This involves cataloguing conversations, saving soft copies of email exchanges and even text and voicemail messages. However, with the threat of cyber crimes on the rise more than ever cyber invasion and information intrusion is the biggest imaginable threat leading to data theft. With the threat of cyber invasion looming large in the industry. We often condemn data breaches as cyber risk issues but when it comes to professions that base their businesses on the collection, retention and distribution of personal as well as proprietary data there should be no room for errors and omissions.
In response to the above situation, some companies have started dovetailing cyber coverage into their agents E&O policies as well. It has to be borne in mind that the small and mi size agencies and organizations are a particular concern since most of them are capable of maintaining comprehensive cyber security as compared to their deep-pocketed industry rivals or the big wigs.
A standard E&O policy however does not cover cyber exposure as such there is a dire need of a specialized program, policy or an endorsement is needed in all probability. According to opinions of industry experts, stand – alone policies might be able to offer a broader coverage or higher limits, but they would entail additional premiums. Irrespective of the economics, the E&O experts recommend the support of coverage along with education and awareness that are imperative to a complete cyber exposure program. To make it comprehensive it could include newsletters, trainings and periodic alerts to remind agents to execute cautionary measures.
The advances in digital communication, cloud storage and mobile access to data records have also accelerated aggressive hacking threats. Insurance agents and their agencies need to reconsider their data access policies and liability coverage frequently apart from providing customer awareness and their role in the entire data-protection equation as part of the risk mitigation plan.