The life science industry by nature carries a multitude of inherent risk. The board of directors and executive body must address risk management on a continual basis, meeting constant demands stemming from partners, insurers, physicians, patients, lawyers, and media. As need arises, added complexity and heightened risk can overlap these issues, creating a more difficult environment for overall efficient company management.
Because of the nuances involved in the life science industry, you must take appropriate precautions to identify and evaluate all risks to your organization. They could include:
- Compliance with numerous regulatory entities such as the Food and Drug Administration, Department of Health and Human Services, Securities and Exchange Commission, Department of Justice, etc.
- The ability to adapt to constantly changing and accelerating global regulatory activities
- Security breaches and IT failures
- Inadvertent exposure of intellectual capital
- Cost and availability concerns
Life Science firms can also take risk and turn it into a marketplace opportunity. The most common areas where we witness life science firms that manage the flip side of risk include:
- Competitor product failure that allows for your firm’s product to become a forerunner for approval
- Products are approved ahead of schedule, allowing for early availability
- Product manufacturing improves or is produced ahead of initial projected time frame
- An unanticipated gain in market need for a product or unanticipated market sharing upon launch of product
It is important to implement a broad risk management plan. Tips for advancing your risk management strategies include:
- Keeping on or ahead of schedule for product review and release through strategic planning
- Addressing increased demand for cost effective products from physicians, consumers, politicians and regulators and increased interest from investors
- Heeding the call from consumers for safer or risk-free breakthrough therapies
Biopharmaceutical and life science firms need to rely on a comprehensive insurance plan to deal with an ever-evolving matrix of risk. TechAssure members can help your firm deal with a multitude of issues concerning risk management including, but not limited to: network and privacy security, increased global competition, loss of intellectual property and delays or business interruption in Research and Development. Please contact us for more information on how our members can help you minimize risk to your life science firm.
Intangible property is a large part of most technology firms. Intangible Property includes software and data, exposed to damage or theft by electronic means such as virus, unauthorized access or usage, as well as theft of computer system capacity.
Property forms respond to direct physical loss such as fire or windstorm – not computer attacks. Limited coverage may be available for intangible property loss due to a physical event, but property forms are not able to sufficiently deal with loss resulting from non-physical events such as viruses or other types of computer attacks.
Under a comprehensive network risk program, coverage for the damage, destruction, corruption or theft of an Insured’s important information assets, including bandwidth, due to a covered computer attack. That may address some of the coverage concerns for intangible property. However, every exposure and situation is different.
TechAssure members are experts in designing insurance products that are tailored around the unique needs of a technology firm. Contact a TechAssure member to help you design a comprehensive program.
Website content is liability resulting from the content of web sites including claims alleging intellectual property infringements or personal injury such as defamation, libel, and slander.
General Liability policies often cannot address the complexities of advertising and personal injury arising out of content on the Internet, and in many cases exclude them.
However, a comprehensive network risk program could include coverage for content-based injuries such as libel, slander, defamation, copyright, title, trademark infringement, or invasion of privacy arising from the display of material on an Insured’s web sites.
Contact a TechAssure member to learn more about the unique coverages under a comprehensive network risk program.
Chances are no, a General Liability policy is unlikely to respond to the full scope of network risk exposures. Network risk is liability arising from a breach of network security, including unauthorized access, transmission of a virus, and identity theft.
General Liability policies cover bodily injury and property damage to tangible property. They do not address the liabilities arising out of computer attacks, such as transmission of a virus and theft of customer information, including that which results in identity theft.
As an illustrative example: laptops containing confidential customer information of a client were stolen from a company. The client is demanding that the company pay for the costs of complying with the California Database Protection Act, as well as costs to provide credit monitoring and id theft coverage for their customers.
The best avenue for building coverage to respond to that claims scenario would be a custom tailored network risk program designed around your needs. If a comprehensive program was designed, it could provide coverage for some of these events.
It is important to note that this is simply a representative scenario and are by no means an exhaustive list of exposures or coverage solutions.
A TechAssure member can help you design coverage options that are tailored to your unique needs.
Privacy violations are defined many ways by different insurance carriers. It can be summed up as a loss arising from a breach of privacy under defined privacy regulations, including GLB, HIPAA, and state privacy protection laws.
Most traditional network risk policies do not address the scope of coverage needed for privacy and security risks following the regulatory requirements and typically exclude coverage for regulatory complaints.
Proving an illustrative story: firm was charged with violating the Gramm-Leach-Bliley Safeguards Rule regarding reasonable protections for customers’ sensitive personal and financial information.
It is possible that a properly designed, comprehensive, network risk program could provide coverage for third party claim, regulatory fines and penalties.
This is an illustrative example only. Each claim would be subject to the full terms and conditions of the actual policies in place.
Contact a TechAssure professional to discuss your exposures and potential coverage options.
It is important to note any insurance policies that have professional liability exclusion. This is liability arising out of the provisioning of professional services that result in or from, a computer attack.
Most professional liability forms have exclusions for loss arising from an unauthorized access and security breaches. In that case, coverage must be carved back in via endorsement. In some instances, the policy is silent on the subject, but history has shown that the intent is not to cover these exposures.
Reviewing a fictitious case: an entity provides computer services to a 3rd party and negligence in providing those services allows for a hacker to gain access to the 3rd party’s confidential information. The 3rd party sues for negligence.
Coverage options for such an event could be through an enhanced professional liability policy that is designed for your organization. In order for a professional liability policy to respond, the policy would need to be endorsed to clarify coverage responds to liability arising out of professional services.
This sample loss scenario is meant to be illustrative and is by no means an exhaustive or indicative list of exposures and coverage solutions.
Contact a TechAssure member to review your organizational exposures and coverage solutions.