A recent federal court decision examined the importance of an insurer’s timely claims handling procedures in the context of cyber insurance policies. Travelers Property Casualty Co. of America v. Federal Recovery Services, Inc., No. 14-CV-170 (D. Utah Jan. 12, 2016). In one of the first written opinions addressing whether a claim implicating electronic data misuse is covered by a type of “cyber” insurance policy, the U.S. District Court for the District of Utah revealed that courts may be inclined to apply a heightened standard of care to an insurer’s delay in investigating cyber insurance claims – even when the insurer is found to not owe coverage under the policy. The insured, in the business of providing services for electronic data, purchased a cyber insurance policy that covered losses caused by “any error, omission or negligent act.” After being sued by one of its clients for allegedly retaining possession of member data and knowingly interfering with its business dealings, the insured sought coverage under the cyber policy. While the court found that the insurer did not owe its insured a duty to defend under the policy, and thereafter dismissed the insured’s breach of contract and breach of fiduciary duty claims, the court denied the insurer’s motion for summary judgment on the insured’s claim for breach of implied covenant of good faith and faith dealing. In denying, the court focused on the inherent covenant that exists in every contractual relationship. The court reasoned that “[a]t the very least, the covenant contemplates that the insurer will diligently investigate the facts to enable it to determine whether a claim is valid, will fairly evaluate the claim, and will thereafter act promptly and reasonably in rejecting or settling the claim.” The court also reasoned that while an insurer cannot be held to have breached this covenant by denying a claim for coverage that is debatable but later is found to be proper, an insurer may still breach its covenant for separate reasons, such as the mishandling of a claim. The court cited to the insured’s allegations that the insurer required copies of the underlying filings and pleadings before it would initiate an investigation into the insured’s claim and also failed to “diligently investigate, fairly evaluate, and promptly and reasonably communicate with” the insured. These allegations of improper claims handling, the court found, raised issues of material fact to be determined by a jury. In allowing the insured’s claim for breach of the implied covenant of good faith and fair dealing to stand despite finding no coverage under the cyber policy, the court may have been inclined to apply a heightened standard of care to an insurer’s delay in investigating cyber insurance claims. Depending on the circumstances and the type of cyber coverage at issue, such claims could be extremely time-sensitive, and any delays could have a significant negative impact on an insured’s losses. Thus, the decision reflects the importance of an insurer’s diligent claims investigation when its insured submits a cyber insurance claim, even when coverage ultimately may not be due.