Home > Property & Casualty > Federal Court ruling on CGL covering a data breach

Federal Court ruling on CGL covering a data breach


On Monday a Federal appeals court in Virginia upheld a lower federal court ruling that held a Commercial General Liability (CGL) may in fact cover a data breach.  The legal battle involves the Personal Injury insuring agreement and the coverage under the Personal Injury coverage part is often ambiguous. 

In the underlying case, The Travelers Indemnity Company of America was required to provide a defense for its insured, Portal Healthcare Solutions, LLC, for an underlying data breach class action filed against Portal by customers whose private medical information was posted on the intranet. 

This ruling may have a dramatic impact on the pricing from CGL carriers who have historically not had to consider and price for potential cyber exposure.  Generally speaking, cyber risk is the vulnerability to intrusions, and resulting data loss and systems failures which cause business interruption and reputational damage, legal and regulatory compliance violations and loss of revenue.   In the last several years, the insurance marketplace has offered  standalone first party and third party liability cyber policies to address different sizes and classes of cyber coverage based on types and levels of complexities.  Cyber policies for first party coverage typically include coverage for data breach response costs, cyber extortion, network business interruption and data recovery. Traditionally, most businesses have commercial general liability policies to protect business from claims relating to personal injury or from property damage.  Most of the standard policies were not drafted or intended to cover to address cyber risks.

In sum, it is important to note that this is just one ruling, but may very well represent a trend of the courts  to look  to find increased coverage for policyholders who have suffered harm as a result of a data breach.  The interplay between traditional CGL policies and cyber policies is an area to watch in the months to come. In the meantime, please see the latest advisory from our Gallagher colleagues in the Casualty & Cyber practice leaders. 

About the Author

Ann_Mizner_McKay2Ann Mizner McKay is an Area Senior Vice President at Gallagher and leader of the claims team. Ms. McKay has extensive experience and knowledge in various types of risks including technology, healthcare, business service, environmental, energy, life sciences, financial institutions, and other business risks.

617.646.0238 | Ann_MiznerMckay@ajg.com | Connect with Ann on LinkedIn


  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s