A popular workers compensation insurance program offered by Berkshire Hathaway subsidiaries Applied Underwriters Captive Risk Assurance Company (Applied Underwriters) and California Insurance Company may be in trouble. On January 21, 2016, the California Insurance Commissioner adopted an administrative decision finding that a critical piece of the program had not been submitted for approval and was therefore void. Any company now insured under this program should carefully monitor developments and consider alternative options for workers compensation insurance. Continue Reading Is Your Workers Compensation Program Unlawful?

Recently, I was asked to look at coverage for a case where the insurer had denied a duty to defend several years before. We concluded that the insurer should have been defending based on certain allegations in the complaint and asked it to reconsider. In the meantime, though, a successful partial summary judgment motion had dismissed the only covered claims. There is good law to suggest that the duty to defend should continue, but the client could have avoided an unnecessary fight had she retained coverage counsel at the outset. Continue Reading Leave It to the Policyholder Professionals – Do Not Try This at Home

In the December post Systemic Cyber Risks And The Internet of Things, we wrote about the increasing risk of cyber attacks on infrastructure and consumer products, and related insurance issues. We noted in that post that, while there have been a few cyber attacks on the Internet of Things (IoT) reported over the past few years, the number of such attacks was certain to grow. It has. Since our December post, several new attacks and developments have been publicly disclosed. These attacks again remind us that companies should evaluate their risks and exposures relating to the IoT and carefully negotiate their insurance policy renewals or purchases. Continue Reading Cyber Attacks on Infrastructure Are Increasing: Review Your Insurance As “Internet of Things” Risks Grow and Change

As Bay Area residents prepared for thousands of football fans and media to descend on their region for the Super Bowl, one began to hear the sorts of rumblings that typically precede big events. Traffic will be terrible. Parking will be worse. Good luck getting a table at a restaurant. Oh, and good luck finding a place a sleep if you’re from out of town.

Former Mayor Willie Brown had advice for the naysayers: Rent your house on Airbnb! “Everyone is going to make a killing, including the private citizens who are smart enough to schedule a vacation paid for by Airbnb’ing their homes.” Continue Reading Insure Your Risk as an Airbnb Host

When a new company moves to secure funding and formalize operations, insurance is often an afterthought. But with a bit of effort, emerging companies can obtain strong insurance protection, maximize their existing coverage, and make themselves more attractive to future investors and other partners. Emerging companies should focus in particular on commercial general liability, data privacy and cyber liability, errors and omissions liability, directors’ and officers’ liability (D&O) and, depending on the number of employees, fiduciary liability and employment practices liability policies. An effective risk management strategy will also depend on strong external support from insurance brokers and counsel.

In the article 5 Insurance Tips for Emerging Companies published by Risk Management, I discuss five best practices for getting started on an insurance program.

In the ACC Docket article, Cybersecurity and Data Breaches: How In-House Counsel Can Engage the Board, my fellow partner Carly Alameda and her co-author Olga Mack of ClearSlide correctly observe that cyber insurance may cover costs a company incurs as a result of a data security breach.

I’d emphasize that boards should carefully review proposed policies before they buy one to ensure that they obtain the desired coverage. Cyber insurance policies are not written on standard forms. Policy language and the scope of coverage offered by different insurers can vary, sometimes widely.

I’d suggest that boards first gain an understanding of their own risk profile and then seek to tailor the cyber insurance to address their particular risks. For example, not all cyber insurance policies will cover the insured if the data security breach was caused by an intrusion into a third-party vendor’s system, even though the insured is ultimately responsible for providing notice to consumers and may face lawsuits by consumers, banks and others. Companies that rely on third-party vendors to collect or store PII should make sure that any policy they buy covers losses due to an intrusion into third-parties’ systems.

David Smith and I have recently been writing and speaking about cyber risks and cyber insurance for the wine industry. While many of the high-profile data security breaches in the news involve large public companies, all businesses that accept credit cards for payment and/or have personally identifiable information from employees or customers are at risk of a data security breach. This is the case even if the collection or storage of such information is handled by a third-party vendor. Businesses should carefully consider their cyber risks and whether cyber insurance could help them manage those risks. We’d like to share an article we recently wrote on protecting your wine business against data security breaches and other cyber risks: Protect Your Wine Business Against Data Security Breaches and Other Cyber Risks.

On December 16, 2015, the California Department of Motor Vehicles (CA DMV) issued draft regulations for the deployment (not just testing) of autonomous vehicles. When adopted, they may be the first such regulations in the country. The National Highway Transportation Safety Administration (NHTSA) is moving ahead with testing of self-driving technologies in anticipation of setting safety standards. Meanwhile, Google and virtually every major car manufacturer has stepped on the innovation gas pedal to develop self-driving technologies. Will regulators be ready when the cars are? How will the regulation of autonomous vehicles impact the liability landscape and, in turn, how that liability will be insured? Continue Reading Autonomous Vehicles – How Will Regulators Keep Up With The Technology?

sample

As Bay Area residents prepared for thousands of football fans and media to descend on their region for the Super Bowl, one began to hear the sorts of rumblings that typically precede big events. Traffic will be terrible. Parking will be worse. Good luck getting a table at a restaurant. Oh, and good luck finding a place a sleep if you’re from out of town.

Former Mayor Willie Brown had advice for the naysayers: Rent your house on Airbnb! “Everyone is going to make a killing, including the private citizens who are smart enough to schedule a vacation paid for by Airbnb’ing their homes.”

Continue Reading Insure Your Risk as an Airbnb Host

Companies’ awareness of “cyber” risks has increased significantly because of large and highly publicized data security breaches, such as Target and Home Depot.  Companies are starting to more proactively manage the risk of data security breaches by strengthening their IT defenses and, in many cases, buying cyber insurance.  However, many do not realize that data security breaches are just the tip of the cyber-risk iceberg.  Because nearly our entire economic system depends on electronic devices, machinery and infrastructure that is connected to the internet (i.e., the “Internet of Things”), the potential exists for much larger scale hacking attacks that could control, damage, destroy or shut down many of the systems on which we rely to conduct business.  Some of this risk is covered by cyber insurance, but much of it is not.  Proactive and effective “Enterprise Risk Management” will be vital to companies seeking to protect themselves against these growing risks.  Businesses should carefully review their unique risk profiles, indemnity contracts and insurance policies (including their non-cyber “traditional” policies) to identify and mitigate their exposures.

We have all heard of the large scale attacks on Target, Home Depot and more recently, Ashley Madison.  The news generated by these cyber attacks has contributed to the public’s increasing awareness of the large volumes and types of personal information that companies are holding about their customers.  To protect themselves against some of the losses that such data security breaches may cause, many companies have prudently responded by buying “cyber insurance.” Continue Reading Systemic Cyber Risks And The Internet of Things