Cyber Liability: Protecting Your Privacy

A pastor’s church laptop is missing, paper files are lost, online systems hacked…all are common examples of a DATA BREACH.  All present a potential privacy and financial loss to the church and it’s members.  Small and mid-sized churches are growing targets for cybercrime due to their lack of security controls.  Consider these questions to determine if your church needs CYBER LIABILITY coverage.

Do you collect: Employee information, Financial Account Records, Social Security Numbers, Credit/Debit Card data, Driver License numbers, Personal Health Information, or Criminal background records?

If so, at any one time, how many individual records containing one or more of the above do you have stored?   

Are Fire Wall Protection Systems used?

Is Anti-Virus software installed and regularly updated on all your network, computers, including laptops?

Is Personal Data stored on laptops, or other transportable storage devices?   If so, is it protected by encryption?

If your church is not taking these preventative steps in protecting your data, you are exposed to a data compromise.  Church members will have to be told so they can monitor their own financial records.  You may lose money from accounts if hackers beat you to it, and before you can put a hold on financial transactions.   

Implementing the “3P” Rule can help deter hackers:

Policy: Have a cyber security policy in place. Be aware of how your church manages, collects, and protects information on your members. Many times, the simpler the policy the better. 

Practice: Make sure to follow the policy. “Cybersecurity is a process, not a product.” Make sure patches and security updates have been implemented. Filters should be turned on. If your equipment and software are outdated consider upgrading. Do NOT download files or emails that seem suspicious.

People:  Hire trustworthy tech savvy people to handle your church’s electronic records- this may mean investing financially in people who can do the job well. Information is a valuable currency in the internet age, so you have to protect it like you would traditional financial records and confidential information.

Insurance companies, such as GuideOne Insurance Group, Church Mutual Insurance Company, and other companies we represent, have responded to offer coverage for a church who has a data breach.  Depending on the size of your operations, you can buy CYBER LIABILITY with several options.  Level 3 is the most comprehensive.  Premiums for a mid-size church will average $500 a year for this level CYBER LIABILITY coverage. 

Level 1 – First and Third Party Insuring Agreements

• Cyber, Privacy and Network Security Liability
• Payment Card Loss
• Regulatory Proceedings
• Cyber Incident Response Fund

Level 2 – First and Third Party Insuring Agreements

• All of Level 1 plus the following
• Business Interruption and Extra Expense
• Digital Data Recovery
• Electronic, Social, and Printed Media Liability
• Network Extortion

Level 3 – Cyber Crime Insuring Agreements

• All of Level 1 AND Level 2 plus the following
• Computer Fraud
• Funds Transfer Fraud
• Social Engineering Fraud

Contact our agency if you would like a CYBER LIABILITY quote for your church. 

Sources: Church Mutual, GuideOne, Church Law & Tax