subject_line
Data Breach / Cyber Liability Form
GENERAL INFORMATION
Company Name:
*
Address
*
Company Point of Contact
*
Telephone:
*
E-mail
*
Website URL’s:
Date Business Established
Business Description
Total Estimated Gross Annual Revenue:
Management Of Privacy and Data Exposures
Total Number of employees
Full Time
Part Time (including temporary)
Independent Contractors
Leased
Seasonal
0/100 points
Do you have a written corporate-wide privacy policy regarding the protection and safeguarding of client and company info?
Yes
No
Do you accept credit cards for goods sold or services rendered?
Yes
No
If yes, are you in compliant with applicable data security standards issued by financial institutions that you transact with (e.g. PCI standards)?
Yes
No
Are you aware of any release, loss or disclosure of personally identifiable information in its care, custody or control, or anyone holding such information on behalf of you in the most recent three year time period from the date of this Application?
Yes
No
If yes, please describe:
Computer System Controls
Do you publish and distribute written computer and information systems policies and procedures to its employees?
Yes
No
Does the applicant have:
a disaster recovery plan?
Yes
No
a business continuity plan?
Yes
No
an incident response plan for network intrusions and virus incidents?
Yes
No
Do you use commercially available firewall protection?
Yes
No
Do you use commercially available antivirus protection?
Yes
No
Do you terminate all computer access and user accounts as part of the regular exit process when an employee leaves the company?
Yes
No
Please provide the Name / Email and Phone Number of the employee of the that is designated to manage a response, including consumer notification, in response to a data breach event
Do you have, and enforce, policies concerning when internal and external communication should be encrypted?
Yes
No
Do you encrypt data stored on laptop computers, back-up tapes and all other portable media?
Yes
No
Do you encrypt data “at rest” within computer databases?
Yes
No
Do you enforce a software update process including installation of software “patches”?
Yes
No
Have you suffered any known intrusions (i.e., unauthorized access or security breach) or denial of service attacks relating to its computer systems in the most recent three (3) year time period from the date of this Application If yes, describe any such intrusions or attacks:
Yes
No
If yes please provide details
Website Content Controls
Do you have a process to review all content prior to posting on the Insured’s Internet Site?
Yes
No
If you do not have a process to review all content prior to posting, please describe procedures to avoid the posting of improper or infringing content:
Within the last three (3) years, have you ever received a complaint or cease and desist demand alleging trademark, copyright, invasion of privacy, or defamation with regard to any content published, displayed or distributed by or on behalf of you?
Yes
No
If yes, please provide details regarding any such demands:
3rd Party Applications
Do you or a third party service provider on behalf of you, collect non-employee (client) personal identifiable information (name, address, credit cards, social security #, driving license, medical records)
Yes
No
If “Yes”, # of records (clients, files)
If “Yes”, do over 10% of these records contain medical or financial account information (other than credit card information)?
Yes
No
Do you or a third party service provider to store / collect / keep track of client or customer information (name, address, credit cards, social security #, driving license, medical records)?
Yes
No
If yes please provide the the 3rd Party Application and Details
Prior Insurnace
Do you currently have insurance in place covering media, privacy or network security exposures?
Yes
No
If yes, please provide the following:
Insurance Company:
Limits (If Known)
Deductible (If Known)
Policy Renewal Date
Current Premium
Retroactive Date (If Known)
Prior Claims and Circumstance
Have you ever received any claims or complaints with respect to allegations of invasion of or injury to privacy, identity theft, theft of information, breach of information security, software copyright infringement or content infringement or been required to provide notification to individuals due to an actual or suspected disclosure of personal information?
Yes
No
If yes, Provide details of each such claim, allegation or incident, including costs, losses or damages incurred or paid, and any amounts paid as a loss under any insurance policy:
Have you been subject to any government action, investigation or subpoena regarding any alleged violation of any law or regulation?
Yes
No
If yes, please provide details of any such action, investigation or subpoena:
Have you ever experienced an extortion attempt or demand with respect to its computer systems?
Yes
No
If yes, please provide details:
Have you notified consumers of a data breach incident in accordance with a data breach notification law in the past three (3) years?
Yes
No
If yes, please provide details:
Have you, or any director, officer, employee or other proposed insured have knowledge or information of any fact, circumstance, situation, event or transaction which may give rise to a claim or privacy breach notification under the proposed insurance?
Yes
No
If yes, please provide details:
Powered by
Report abuse