Setting insurance requirements for independent contractors can be a tricky line to walk. On the one hand, setting the requirements too low leaves you vulnerable to damages and lawsuits. On the other hand, setting them too high can cause premiums to skyrocket, which deters top independent talent from working with you at all. As a general base, most independent contractors are required to have general liability insurance, professional liability insurance, or (most commonly) both. These two coverages protect your company against physical harm caused by the independent contractor, as well as intangible damages caused by errors in their work. What they don’t protect is data.
When is Cyber Insurance Necessary?
“Cyber Insurance” may sound like something that only IT professionals would need, but it’s actually a relevant protection for most industries. These days, the chances that you use a computer or interact with sensitive personal information are pretty high. Whether this data is encoded deep within your computer or is handwritten in a notebook, Cyber Protection takes the liability off of your hands should anything happen to it. While cyber protection won’t be necessary for every independent professional, it’s worth taking a deeper look at what it covers, and whether you should require it in your next contract.
What does Cyber Insurance Protect?
Most businesses have strategies in place to protect against hackers and data theft. But while you may have expensive firewalls on company computers and insurance should they fail, an independent worker may not. Cybercriminals target businesses of all types, including independent contractors. If private data on your company or your clients is stolen from an independent contractor’s computer, your insurance policy may not cover the damages. Cyber protection helps independent contractors cover client lawsuits, investigations into the breach, and credit monitoring for those affected. Although it has been dubbed “Cyber,” it also protects physical data breaches, like client files being stolen from an office, home, or car.
What Happens in the Event of a Data Breach?
The average financial impact of a data breach in the United States is $6M. Cyber criminals commonly use either ransomware or social engineering to steal and monetize data. Ransomware locks your data, essentially holding it hostage until you’ve paid a ransom—and, in some cases, destroys the data even if a ransom is paid. Social engineering is a form of coercion used to make targets give up passwords, computer access, or banking information. These can look like an email from a friend, or a message from a company you work for asking for password verification or account information, among other things. Independent contractors can be especially vulnerable to these attacks, as they often work from places with public internet connections, like coffee shops. Cyber Insurance helps independent contractors with the costs associated with the breach, preventing the situation from turning into a lawsuit between them, the enterprise, and anyone whose information was compromised.
Common Cyber Insurance Questions
Why isn’t cyber included in a standard business owner’s policy?
The basic reason is that digital communications change too fast for the business insurance industry to keep up. The rules and procedures governing the Cyber world are much more fluid than rules about copyright or libel, for example. Separating Cyber from other coverages like Professional Liability allows it to adapt more quickly.
If an independent contractor uses a third party to handle customer data, who is responsible for the breach?
Because the independent contractor is the one who asked for the information, they are responsible for what happens to it. Even if they use a company (whether that’s you or a third party data security company) to store it, they can be held liable in the event of a breach.
How much can a company’s IT department prevent?
If you have IT specialists solely focused on risk assessment, they may be able to work with your independent contractors to prevent breaches on their end. However, typically an IT department will not have the necessary time or resources to adequately monitor every independent contractor on the company payroll.
Preventing Cyber Attacks
Education + Insurance = Protection
You wouldn’t let a reckless driver behind the wheel of your car just because it was insured. Similarly, you shouldn’t relax your data security efforts when your contractors have Cyber Insurance. Make sure your independent contractors have the skills and resources they need to protect you both from damages. Share these tips with your independent contractors to help them stay on their security game:
- Keep in touch with reputable cybersecurity consulting companies and online resources to learn what measures you should be taking to ensure that your data is protected
- Keep your business and personal accounts separate. That way, if one account is hacked, the information in the other is safe. If you’re working with multiple companies at once, it may be wise to create separate accounts for each of these engagements.
- Change the passwords on your business accounts regularly, and use two-step verification whenever possible.
- Make sure you know how to identify and react to a data breach. Time is of the essence in these situations, and quick action can keep things from spiraling out of control.
This article originally appeared as a guest post for MBO Partners, a leader in the staffing and contingent workforce space.
Need help figuring out the right requirements for your independent contractors, or working with enterprise clients to right-size theirs? We’re here to help! Email firstname.lastname@example.org to set up a free requirement consultation, and learn about the most common insurance requirements in your industry below!
2020 Insurance Requirement Benchmarks (By Industry)