Cyber Insurance Clause Samples

Cyber Insurance. If Consultant will have access to the City’s network or City’s data, Consultant must maintain throughout the duration of this Agreement and for a period of three (3) years after the termination of this Agreement. Coverage must include: Cyber Incident/Breach Response and Remediation Expenses, Digital Data Recovery, Privacy and Network Security Liability, and Notification Expense.

Cyber Insurance. In addition to insurance required under the Agreement, Supplier shall at its sole cost and expense procure and maintain through the term of the Agreement and for two (2) years following the termination or expiration of the Agreement cyber/network privacy insurance with limits of $5,000,000 per claim/in aggregate. Such policy shall provide coverage for disclosures and/or breaches of University Data arising out of or relating to Supplier’s Services. Such policy shall also include coverage for the costs associated with restoring lost or damaged University Data, sending breach notifications to affected individuals, public relations expenses, fines and penalties. Such policy shall not contain exclusions for the acts or omissions of either Supplier or University or their respective employees, agents, subcontractors or volunteers, whether intentional or unintentional, resulting in or relating to any Use of University Data not expressly permitted by the Agreement and this Addendum or any breach of University Data. Supplier must notify University at least thirty (30) days prior to the cancellation or modification of such policy.

Cyber Insurance. Client shall secure and maintain for the duration of the contract Cyber Liability Insurance to insure Client cyber exposures. Specific limits and coverages should be evaluated by a qualified insurance broker or risk manager to determine Client specific coverage and policy limit requirements. A minimal $1,000,000 Policy per occurrence/aggregate limit is required.

Cyber Insurance. If the Vendor will be communicating with the District electronically and/or collecting any sensitive staff or student data, the Vendor must have coverage applicable to first- and third-party claims including but not limited to data compromise expenses and liability, forensic review costs, legal review costs, data restoration and re-creation costs, public relations costs, extortion costs, network security liability, identity recovery costs, regulatory fines and penalties, and credit monitoring costs. Coverage limits shall be no less than: Each Occurrence/Claim $1,000,000 Aggregate $1,000,000

Cyber Insurance. Each Party receiving Confidential Information shall secure, provide and maintain during the term of this Agreement, an insurance policy that provides coverage for any and all liabilities, damages, claims, losses, costs and expenses, of any kind, that may be incurred by or asserted against the Central ▇▇▇▇▇▇ resulting from or related to: (1) any act, error, or omission or negligence related to Company's technology and/or professional services; (2) intellectual property infringement arising out of software and/or content; (3) breaches of security; (4) violation or infringement of any right to privacy, or any breach of federal, state, local or foreign security and/or privacy laws or regulations; (5) theft, damage, destruction, or corruption of any data of Central ▇▇▇▇▇▇ or any employee, or customer of Central ▇▇▇▇▇▇, including without limitation, unauthorized access, unauthorized use, identity theft, theft of personally identifiable information or confidential corporate information, transmission of a computer virus or other type of malicious code; and (6) participation, including a denial of service attack on a third party. Minimum limits of $3,000,000 per occurrence. Such insurance must cover all of the foregoing without limitation if caused by an independent Company working on behalf of the Company, in performing Services under this Agreement. The policy must be kept in force by Company during the term of this Agreement and for six (6) years (either as a policy in force or extended reporting period) after this Agreement is terminated or after completion of the Project provided for herein, whichever is later.

Cyber Insurance. What types of cyber insurance does the vendor have in place? New insurance products have emerged that are designed specifically to address first and third party claims related to data, including the costs of responding to a breach. If the vendor under consideration carries such insurance, the vendor will be in a better position to respond in the event of a breach. Does the vendor’s policy provide coverage for breach remediation and notification expenses? Management of breach response by counsel? Forensic investigation and credit monitoring services? Does the policy provide coverage for regulatory fines and penalties? Reimbursement for crisis management and public relations services? Does the policy contain exclusions baring coverage for mechanical failure, failure to maintain the computer network or system, failure to maintain risk controls or lack of encryption? Focusing on these questions before negotiating the vendor agreement can help the parties better understand the options that may be available with respect to liability and indemnification. What audit reports are available with respect to the vendor’s data security practices? Below are some examples of audit reports that are increasingly available to a vendor’s potential customers: A Service Organization Controls Report 2 (SOC 2) is intended to demonstrate that the organization’s internal controls related to security, availability, processing, integrity, confidentiality and data privacy are operating effectively. A SOC 2 Type I report focuses on management’s description of a service organizations’ system, and the suitability of the design of the controls. The SOC 2 Type II report focuses on management’s description of a service organization’s system and the suitability of the design and operating effectiveness of the controls. The report includes an examination and confirmation of the steps involved, and an evaluation of the operating effectiveness of the controls for a stated period of time. The distinctions between a Type I report and a Type II report are subtle, but important. When evaluating a Type I report, the focus is on whether management has adequately described the system and adopted suitable controls for security, availability, processing, integrity, confidentiality and data privacy. The Type II report, in contrast, evaluates whether that system operates effectively. What type of report required depends on the nature of the engagement and the data to which the vendor will have access. SOC...

Cyber Insurance. Required for all software, computer hardware installation, data access, data integrations, data usage, cloud storage, SaaS, and or technology related contracts. $1,000,000 Each Claim/Wrongful Act $2,000,000 Annual Aggregate $1,000,000 Business Interruption $1,000,000 Data Recovery $500,000 Cyber Extortion Expenses $50,000 Cyber Extortion/▇▇▇▇▇▇ Payments If written on a claim’s made policy, the policy must be maintained for at least two (2) years after the completion of the work and/or contract.

Cyber Insurance. Customers of TOTLCOM have access to reduced rate cyber insurance from a cyber insurance company. Please contact us if interested and we will put you in touch. We will confirm that we are providing cyber security services for you (required for the discounted rate). Then, if your system is attacked and private information is compromised, you will have insurance.

Cyber Insurance. The Company shall have procured cyber (including HIPAA) liability insurance runoff coverage with a limit of liability of at least USD $1 million and at least 3 years’ prior acts coverage and shall have delivered a certificate of insurance evidencing such coverage to the Purchaser.