Hurricane Barry provides the latest reminder of insurance precautions that should always be top of mind for business owners in coastal areas. In “Hurricane Barry: Prepare Now to Maximize Insurance Recoveries,” colleagues Tamara D. Bruno, David F. Klein, Joseph D. Jean, Vincent E. Morgan and Matthew F. Putorti provide a list of helpful reminders and immediate and proactive steps one should take to maximize insurance recovery before, during and after a tropical storm or hurricane makes landfall.
A data breach may cost a company millions in recovery and liability damages, but rarely does a breach force a company into bankruptcy. However, a months-long data breach at American Medical Collection Agency (AMCA) in 2018-2019 did just that, forcing its parent company, Retrieval-Master Creditors Bureau Inc., into Chapter 11 bankruptcy. AMCA has not stated whether it had cyber insurance, but the situation presented by this breach and bankruptcy filing serves as a cautionary tale for those without adequate cyber insurance coverage—or any at all.
Since 2008, Minnesota has had a bad-faith statute that penalizes an insurance company for its unreasonable denial of a first-party insurance claim. But it was only earlier this month that a Minnesota appellate court interpreted the statute to require insurance companies to conduct a reasonable investigation and fairly evaluate its results to establish a reasonable basis for denying the claim. In so doing, the court rejected the interpretation offered by the insurance company: that the policyholder must prove there are no facts or evidence upon which the insurance company could rely to deny coverage. That interpretation would have allowed insurers to rely on post hoc justifications for denying coverage. The court’s rejection of that argument is an important development in bad-faith law that will likely affect both suits brought in Minnesota and those in other jurisdictions where courts might look to this decision for guidance in connection with many types of insurance claims. Continue reading →
Insurers have recently argued that environmental property damage claims for “closure” costs arising out of historic pollution are not covered, because the claimed damages are just “ordinary costs of doing business.” Policyholders should strongly resist denials based on this argument, which is unsupported custom and practice in the insurance industry and contradicts the terms of standard-form third-party liability policies, applicable environmental laws, and insurance law in nearly all jurisdictions.
Recently, the Board of Governors of the Federal Reserve System has indicated it may move forward with enhanced cybersecurity standards for large financial institutions and the third-party vendors that serve them. Over on Pillsbury’s SourcingSpeak blog, colleagues Andrew L. Caplan, Meighan E. O’Reardon and Curtis A. Simpson examine just what those standards might be in “The Fed May Increase Cybersecurity Standards for Large Financial Institutions and their Service Providers.”
As coverage counsel, we see the situation arise time and again: facing down substantial potential liability in a pending lawsuit, a policyholder engages in good-faith settlement discussions with the plaintiff. After animated negotiations between the parties, the plaintiff finally makes a reasonable offer, only for the policyholder’s insurance carrier to throw up a roadblock by refusing to fund or consent to the settlement. But policyholders need not always resign themselves to continuing costly and time-consuming litigation—a “covenant not to execute” may be the switch to put the settlement back on track.
Although it has become common for corporate directors and officers to face claims seeking to hold them personally liable for alleged damages resulting from actions taken in their official capacity, it wasn’t always this way. There was a time when such lawsuits were so rare that corporations were not even allowed to indemnify their directors and officers. But with the emergence and rapid growth of lawsuits against officers and directors—often fueled by a cottage industry of class action plaintiffs’ firms—corporate indemnification and Directors & Officers (D&O) liability insurance programs have become integral to a company’s ability to attract and retain strong management.
Experts are full of advice about the importance of designing and implementing a robust cyber breach response plan. They opine frequently on its key components, such as identifying the roles and responsibilities of the response team, steps for investigating and containing the breach, internal and external communications regarding the breach and the response, and applicable legal requirements. For the most part, however, their advice focuses on the information-technology aspects of the plan, with some attention given to the roles of senior management and the legal department. But few commentators offer tips on one of the most consequential components of a cyber response plan: insurance.
As outside coverage counsel for corporate policyholders, we see firsthand how corporate risk management and legal departments interact and work together—or don’t. Some risk management and legal departments are in sync. They tackle intersecting insurance and legal issues through a unified front, to the company’s benefit. But others seem to operate in silos. This can present a number of coverage pitfalls—from failing to pursue coverage in the first place to jeopardizing claims that have been made. Here are a few of the most common problems we see when risk management and legal departments are not working in harmony, and some practical tips for avoiding them.
Cannabis is now fully legal in ten states plus the District of Columbia, and medical marijuana is legal in 23 states. Despite growing acceptance among states, cannabis remains illegal federally under the Controlled Substances Act of 1970 as a Schedule 1 substance, which has made oversight and regulation of the industry decentralized and in some instances non-existent. The psychoactive effects of cannabis, coupled with limited regulation, imposes increased risk of product liability claims. To mitigate this risk, industry members should take steps to self-regulate.