Losses from the Target data breach in 2013 are estimated to exceed $100 million. Many of those losses stem from claims placed by payment card networks alleging fraudulent charges, and it appears Target received a payment for at least some of those losses through an insurance policy. A Florida business may suffer any number of losses and costs in the wake of a data breach, and the question remains, does your insurance policy cover them?
Cyber-insurance is one way that Florida businesses may protect themselves from the losses and costs that inevitably seem to follow a data breach. Cyber-insurance may be necessary because the losses and costs associated with a data breach may not be covered by traditional insurance forms, including any costs a business may incur due to a state’s data breach law. For example, in the wake of a data breach, Florida’s newly enacted Florida Information Protection Act may require a Florida business to notify its consumers of a security breach, notify its consumers’ consumer credit reporting agencies, and provide materials to the Florida Attorney General. Complying with such obligations may prove costly, especially in the wake of an already devastating data breach. Florida businesses may find it prudent to insure that their cyber-insurance policies take into account those costs necessary to comply with Florida’s data breach law – as well as any other state’s data breach law that may affect their businesses.