As we start a new year, there is no time like the present to evaluate your company’s insurance and risk management program and plan for the year. What should you consider as you move into 2016? Take a look at our checklist of questions you should consider now to evaluate your risk management program this
Two years is too long to wait before reporting an EEOC charge to your EPL carrier, according to a recent a court decision from the Western District of Virginia. A company’s employment practices liability policy defined “employment claim” to include “a formal administrative or regulatory proceeding commenced by the filing of a notice of charges…including…a proceeding before the Equal Employment Opportunity Commission” and it required that notice of a claim be given to the carrier “as soon as practicable.” The company received notice in April 2011 that a former employee had filed a charge with the EEOC alleging employment discrimination, but it did not report the charge to its carrier. More than a year later, after initially dismissing the charge, the EEOC found reasonable cause to believe discrimination had occurred and ordered the parties to engage in mediation in March 2013. The company waited another five months – to February 2013, nearly two years from the date of the original charge – before informing the carrier of the pending mediation. The carrier denied coverage due to the delayed report.
Continue Reading Don’t Wait Too Long: Failure to Give Timely Notice Under an EPL Policy May Preclude Coverage as a Matter of Law
In light of the growing concern over cybersecurity, the United Stated Department of Justice (“DOJ”) issued guidance last week on how to prepare for and respond to cyber attacks. Taking lessons learned by federal prosecutors while handling cyber investigations, and input from private sector companies that have managed cyber incidents, the guidance contains a step-by-step guide on what to do before, during and after a cyber incident.
Specifically, the DOJ recommends having a plan in place before any cyber attacks occur. That plan should include identifying critical data and assets that warrant increased security, having the technology and services needed to respond to a cyber incident in place, having legal counsel that is familiar with legal issues associated with cyber incidents, and ensuring that your team knows who is responsible for what tasks in the event of an attack. If an attack happens, the DOJ recommends assessing the scope of the incident and working quickly to prevent any on-going damage, collecting and preserving data related to the attack, and notifying law enforcement. The DOJ cautions against using any systems that have been compromised and trying to “hack back” against the system involved in the attack.Continue Reading United States Department of Justice Announces “Best Practices” for Addressing Cyber Attacks