By Ken Reinig
Forbes.com reported that the Chubb Group of Insurance Companies found 65 percent of public companies don’t have cyber insurance, yet they identify cyber risk as their number one concern. With the issues faced by Target stores over the holiday shopping season and recently the Heart Bleed virus hitting major banks, maybe you think that cyber liability is only for big companies. So do you really need to consider it? YES, you really need to consider this.
The new threat to business owners and especially club owners
In this age of technological advances in data collection, electronic fund transfers, and dues processing, health club owners need to be aware that they have an increased exposure to cyber liability. 10 years ago cyber liability was designed to protect the computer and technology industry but it has evolved from that original intention. It protected companies from alleged wrongful acts arising from the performance of services as a technology consultant. In plain terms — cyber liability has protected companies of all sizes against hacking and inadvertent leaking of personal information that may cause harm to a third party.
Today, cyber liability is designed to protect any industry, especially ours, that obtain personal information from their clients. The last thing any club owner or manager wants is to have that information compromised or “hacked.” Worse, would be your valued client holding the club responsible for mishandling of that sensitive personal information.
Who is at risk?
According to Philadelphia Insurance Company, the cost to comply with federal and/or state notification to your clients of possible breach in their personal information is $203.00 PER CLIENT. If you have 2,000 members, that is $406,000. Your regular liability and property insurance will NOT cover this exposure.
Even clubs that use third party billing companies are at risk. If a club or their billing company is gathering bank information, credit card numbers, health history, and personal data such as social security numbers, then the club can be held accountable if that information is compromised or stolen.
Consider these possible scenarios:
1) Member information was on an employee’s laptop that was stolen from the gym. The laptop contained member’s names, addresses, and social security numbers, or bank account information, dates of birth, cell phone numbers and medical information on your members. This information was then sold to a hacker or an identity thief.
2) A Trojan horse attacked a club’s billing company and the owner was unable to collect dues. In the meantime, the cash flow stopped and the owners needed to hire experts to find the bug, fix it, and work with the bank’s Internet processing until the problem is fixed. Could you operate 40-60 days without your billing check?
3) A club sponsors a golf tournament and inadvertently uses the logo of a manufacturer on their website without their permission and then they get sued.
4) A third party collection company has a breach of security and one of their employees was able to download all of a club’s client information. All of the club’s members have to cancel their credit cards, then have their cards reissued. Then they must sign new agreements for payment withdrawal costing the club thousands of dollars — not to mention claims from the members and cancellations of memberships.
Cyber liability insurance protects the club from breaches in security of private client information and inadvertent HIPAA violations. This coverage also extends to the personal information of your employees as well. Although your potential fiscal existence can be compromised by just one claim from cyber liability, the cost to obtain the coverage is relatively inexpensive. Our recommendation is that you contact your agent to find out more information on this coverage.