Loss of hospital data highlights importance

of insurance policy reviews

Six Laptops stolen from South London Hospital emphasise the need for companies to review coverage of insurance policies, in addition to implementing a risk management solution.

London 19th June 2008
The theft of six laptops, from the St George's Healthcare NHS Trust, containing information on 20,000 patients is yet another data loss incident that shows that risk management procedures need to be complemented with adequate insurance protection, as IT and data security failures can and do occur often resulting in substantial financial loss.

Many companies hold sensitive customer and employee data electronically, for example in the financial and healthcare sectors. This information is often shared with other organisations as companies outsource functions, particularly in Accounting and Human Resources. The negative financial impact from a data loss to such a firm could be substantial, possibly running into millions to cover costs such as consumer notification, call centre capacity (to deal with customers whose records have been compromised), ongoing third party credit monitoring, claims for identity fraud, litigation expenses and damages and regulatory defence and settlement.

This is why businesses buy insurance, however, traditional insurance polices generally do not cover these types of threat. Companies should review their policies to ensure they are covered adequately. The ever changing business environment has a direct effect on a companies risk profile. Heightened dependence on outsourcing means that security risks are becoming harder to quantify and prevent. The new risks associated with relying on networks and using digital data must be addressed by risk managers in the same manner they would consider the more traditional risks.

In reference to the St George's loss, Simon Milner, Partner, JLT comments;
"This is not the first time we have seen such a breach of security and certainly won't be the last.  As the theme continues businesses need to assess potential risk and how exposed they are in comparison to what their insurance policies actually cover"

(Source: http://news.bbc.co.uk/1/hi/england/london/7461619.stm)

JLT have an established reputation for forward thinking in Cyber and IT Risks for over a decade. We provide advice and innovative solutions to many leading corporations across the world. This experience has enabled us to develop specific insurance products which offer comprehensive levels of cover for cyber and IT-related risks.
Find out how JLT's Cyber and IT Risks team can provide expertise to your business here

Webcast
JLT covered the issue of Data security earlier this year in an informative Webcast, which you can register for by clicking here.