ICT Claims Scenarios
Technology E&O – “Internet Content” – A health system accidentally posted the medical records of thousands of patients on the Internet. A class action suit was filed for alleged emotional distress of the effected patients.
Loss: The class action seeks damages in excess of $10 million and the federal government has notified the system to prepare for an investigation under HIPAA.
Cyber Liability – “Personal Records Disclosure” – A woman purchased a used computer from a pharmacy. The computer still contained the prescription records, including names, addresses, social security numbers, and medication lists of pharmacy customers.
Loss: The cost of notifying effected parties per state law totaled nearly $110,000. Two lawsuits have been filed: one alleges damages in excess of $200,000 from a party who claims she lost her job as a result of the disclosure; the second alleges that the plaintiff’s identity was stolen, and that costs of correction and emotional distress will exceed $100,000. A HIPAA investigation is also underway.
Cyber Liability – “Data Security” – A part-time hospital employee gained unauthorized access to confidential electronic patient records and discussed with co-workers an individual’s HIV status. The individual sued the hospital for lack of adequate IT security measures in protecting digital patient records.
Loss: The hospital was held liable for $250,000. An additional $85,000 was spent on defense.
Internet Liability – “Software Malfunction” – Diagnostic software incorrectly creates a false image as a result of a software programming error, resulting in a possible contingent bodily injury claim.
Loss: The maker of the software has to defend the quality of their product in light of a lawsuit claiming that the product created a downstream bodily injury. Possible damages are related to either the bodily injury itself, or the reputational damage claims of the medical provider who trusted the software.
Claim Scenarios » Financial Institutions
Technology E&O – “Service Interruption” – A data processor to a financial institution has an interruption in service, which causes a loss of revenue to the financial institution.
Loss: Defense expenses and resolutions costs of third-party claim exceeded $1,000,000.
Cyber Liability – “Missing Data” – An employee of a financial institution has a laptop with sensitive client data go missing.
Loss: GLB regulatory investigation ongoing. Multiple lawsuits pending by individuals whose data has been compromised. Total defense costs exceed $700,000.
Claim Scenarios » E-Commerce Businesses
Technology E&O – “Database Error” – An online procurement company has a database error which sends thousands of dollars of the wrong equipment to the wrong location causing project to fall behind schedule and miss critical deadlines.
Loss: Customer’s suit resolved for $485,000.
Cyber Liability – “Unauthorized Use” – An online retailer has its network hacked by an unauthorized user, resulting in exposure of the credit card information of customers.
Loss: Class action recently filed against retailer.
Internet Liability – “Wrong Data” –An online manufacturer inaccurately compares its product to a competitor’s, resulting in a claim for misrepresentation and unfair trade practices.
Loss: Defense expenses already exceed $375,000.
Claim Scenarios » Technology Providers
Technology E&O – “Third-Party Business Interruption” – A software implementation goes awry and interrupts mission critical processes to a third party customer.
Loss: Defense expenses of $300,000 associated with defense of a suit claiming business interruption of a third party.
Cyber Liability – “Unauthorized Access” – An online business process software (ASP) inadvertently provides access to a non-authorized user, exposing confidential customer contact information to unauthorized users.
Loss: Regulatory investigation for a data privacy incident which could lead to a fine or penalty. Private suit for loss of or damage of data settled for $875,000. Defense expenses in excess of $275,000 incurred.
Internet Liability – “Internet Security” – The medical records of a woman were posted on the Internet without her knowledge or consent a few days after she was treated at a religiously-affiliated medical center following complications from an abortion at a women’s health clinic. Anti-abortion activists then posted the records online along with a photograph of the woman being transferred from the clinic to the hospital. The woman sued the hospital, alleging it released her medical records without her authorization.
Loss: Defense costs and case settlement expenses together exceeded $500,000.
Claim examples are based on hypothetical situations or composites of actual cases. It is our policy not to release claim case numbers or any specific claim details. Coverage for particular claims is subject to policy language as issued.
About the Author
Write a Comment
Gravatars are small images that can show your personality. You can get your gravatar for free today!