Cyber Crime Protection
A program of cyber-crime prevention, data breach remedies and data risk liability insurance for houses of worship, camps, schools, denominational/association offices and senior living communities.
Cyber breaches and subsequent liability risks are top of mind across all industries, including houses of worship, schools, camps and senior living communities. If you use computers and servers and collect private information, you are at risk for any number of threats, including:
- Malware and viruses
- Staff error
- System glitches
Church Mutual is here to help
To help better protect our customers, we’re working with CMIC Specialty Services and Identity Fraud Inc. to provide cyber liability insurance, breach response remedies, business identity protection and other related data theft risk management services.
The program is offered through either individual policies or master policies, with each participating policyholder receiving a certificate where appropriate. This streamlined method allows Church Mutual customers to purchase coverages and related services at favorable pricing.
The program is available at two levels — Core Cyber™ and Core Cyber Pro.
Coverage is triggered by failure to protect the private information of others in your care, custody or control — both electronic and paper.
This first level includes five broad areas of prevention measures and insurance:
1. Data risk liability insurance
Coverage is provided for:
- Failure to disclose/notify affected parties per breach notification laws
- Regulatory fines and penalties
- Cyber extortion
- Legal consultation
- Public relations
- Forensic investigation/audits
- Remedies for identity theft education and assistance
- Victim cost reimbursement insurance
- Credit file or identity monitoring
- Payment Card Industry/Data Security Standard fines and penalties (up to a $250,000 sublimit)
- Internet media liability, including copyright infringement, plagiarism, theft of ideas, invasion of privacy, defamation, slander, negligent infliction of emotional distress and more
- Other related court judgments and settlements
Available limits range from $50,000 to $1,000,000 per annual term. There is a $1,000 retention (deductible). Sublimits may apply.
2. Data breach response remedies
Covers expenses related to a breach of data, which include:
- e-Business network interruption
- Loss of business income
- Reconstruction of data
- Crisis management
The data breach coverage limit is 50% of the data risk liability limit you purchase, up to a maximum of $500,000. A $1,000 retention applies.
3. Incident Response On-Demand™
Around-the-clock access to experts who will assist you with:
- Incident analysis to determine if a data breach occurred and if sensitive data was lost
- Strategic planning of the response
- Notification of the data breach to those whose information was compromised in the breach. This includes assistance in creation of the notification, address verification and mailing services.
- Victim resolution services, such as a telephone hotline to answer questions and concerns
- Consumer identity protection, such as credit monitoring
Incident Response On-Demand services and covered expenses are subject to the data breach sublimits.
4. Identity protection for all full-time employees
If any of your full-time employees become individual victims of identity fraud or identity theft, they receive coverage for:
- Reasonable legal fees for defense, removal of judgments and contesting of incomplete or inaccurate records
- Lost wages while taking time off work to resolve an incident, up to $2,000
- Other expenses, such as communications with institutions, credit card monitoring and personal records monitoring
- Assistance with responding to the fraud or theft
The annual limit per employee is $15,000. There is no deductible.
5. Risk management services and education module
Help prevent yourself from becoming a victim of cyber crime with the following risk management tools:
- Computer vulnerability scans (internal assessments)
- Mobile device vulnerability scans
- Online training modules for employee education, information security and technology
- Keystroke encryption software (downloadable)
- Sample incident response plans
Core Cyber Pro
This second, more robust, level adds Business Identity Protection to the Core Cyber plan. The program helps you promptly learn of potential business identity fraud through:
- Business credit monitoring and alerts
- Business cyber monitoring, which scans the Internet, chat rooms, bulletin boards and other online sources, searching for your organization’s identifying information
- Unlimited access to your organization’s credit profile
- Professional fees
- Defense of lawsuits or criminal allegations
- Removal of any fraudulent civil or criminal judgments
- Contesting the inaccuracy or incompleteness of any information or records containing your business information
- Lost wages while taking off work to resolve an incident
- Other allowable miscellaneous costs, such as travel, client communications and business records monitoring
- Educational white papers
Business identity fraud insurance features a $50,000 annual limit, with an annual deductible of $100.
Think cyber crime can’t happen to you? Think again.
Just take a look at the following examples to learn why everyone should have appropriate coverage.
Data breach at an assisted living facility
The United States Secret Service identified a potential HIPAA breach that may have compromised data for 100 residents. As a result, an experienced team of dedicated cyber claims specialists quickly engaged a breach coach and a forensic investigator. Knowledgeable partners helped ensure the incident was properly handled and reported to the state regulatory agencies.
A pastor’s laptop — stolen
A pastor’s laptop containing members’ private financial information was stolen from his home. As a result, members sued the church for damages resulting from alleged failure to protect their private financial information.
A malware data breach at a conference center
A conference center’s computer system was compromised when a third party sent a malware program via email to a number of employees. The invasive software allowed the third party to access the system and capture the names, addresses and credit card numbers of more than 500 guests.
Theft by an employee
A private school secretary stole a donor’s credit card information, resulting in a forensic investigation, a lawsuit and a Payment Card Industry (PCI) fine. The total cost of investigation, fine and settlement approached $50,000.
A costly mistake
A staff member at an assisted living facility commented on a resident’s health matter on a social media site. The HIPAA violation and resulting legal expenses exceeded $250,000.
An online bookstore hacked
An online religious bookstore had its transaction processing system hacked. Thieves collected credit card data over the course of one year before the Secret Service notified the retailer’s manager. A credit card company issued thousands of dollars of PCI-related contractual fines and penalties to the payment processor who, in turn, contractually passed the obligation to the bookstore.
This program is offered by Church Mutual through CMIC Specialty Services and Identity Fraud Inc. and its business partners.
CMIC Specialty ServicesTM is a subsidiary of Church Mutual Insurance Company.
Core Cyber™ is a trademarked name of Identity Fraud Inc.
This webpage contains only illustrative information about available coverages and protection benefits and is not a policy contract. Refer to your insurance policies and specific program terms for complete descriptions of coverages, benefits, limitations and exclusions. The insurance coverages outlined herein are administered by Identity Fraud Inc. and underwritten by A-rated insurers. Various other services are provided by Identity Fraud Inc. and/or its technology partners.