Cyber Cover

In the last renewal – November 2021 – some smaller practices were having difficulty in meeting the criteria for cyber cover because they were not undertaking the appropriate security processes in their systems.  Covid, and the increase in working from home, has provided increased scope for opportunistic cyber-crime, and Aon has an Australian U-Tube clip which makes useful viewing (if you can cope with the background music!):  https://www.youtube.com/watch?v=ZjDT1UOPTwQ&t=3s

In reviewing your own systems, the following questions cropped and copied from the last PI renewal form may suggest actions to think about:

• Are all computer systems, mobile devices and websites firewalled or have intrusion prevention systems on them?
• How often are protections and procedures updated?      Daily ? – Weekly ?

Does the Practice or Entity:

• Use firewalls to prevent unauthorised access connections from external networks and computers systems to internal networks?
• Use anti-virus protection and procedures on all desktops, e-mail systems and mission critical servers to protect against viruses, worms, spyware and other malware?
• Have physical security controls in place to prohibit and detect unauthorised access to their computer system and data centre?
• Have access controls in place (e.g. passwords) for employees and other users to deny access to sensitive data on computer systems
• Have backup and recovery procedures for all data and IT systems
• Have any domiciled operations or derive revenue from USA, Canada, UK, Europe or Australia?

Has the Practice or Entity sustained a single loss or losses, or suffered from any cyber breaches (including, but not limited to data loss, network intrusion or hack attack including telephone hacking), or been subjected to any fines in the last three years, for which this proposed insurance may be relevant?