The SEC public company cyber disclosure rule raises issues that companies should consider in reviewing existing insurance coverage and in assessing overall risk. 

The SEC recently adopted a new cybersecurity disclosure related rule (the “SEC Cyber Disclosure Rule”)[1] in response to increasing risks associated with cyber incidents and a perceived need for investors to receive more fulsome corporate disclosures about cybersecurity risks, governance, and material incidents.  In prior efforts to improve consistency and accuracy of public company cybersecurity risk disclosures, the SEC issued interpretive guidance explaining how cybersecurity risk and incidents should be communicated based on long-standing requirements to periodically—and as needed—disclose material information to shareholders.[2]  But in spite of this guidance, in the SEC’s view corporate disclosure practices remained inconsistent, under-disclosure persisted, and investors lacked consistent information by which they could evaluate public companies’ cybersecurity risk.  In July 2023, the SEC adopted the SEC Cyber Disclosure Rule, which mandated new disclosures among other things, and which became effective in December 2023.

Continue Reading The SEC’s Cybersecurity Incident, Governance, and Management Reporting Requirements: What you Need to Know to Avoid Cyber and D&O Coverage Gaps

In March last year, New York’s Appellate Division – First Department issued Xerox an important pro-policyholder decision in its D&O insurance recovery action against Travelers, arising from Xerox’s failed 2018 merger with Fujifilm.  In a thoughtful order, the court issued three key pro-policyholder rulings that: (1) reinforce the rule that the words “arising from” when used in policy exclusions should be narrowly construed under New York law; (2) recognize that an insurer who shows bad faith indifference to its policyholder’s rights may be held liable for a breach of the duty of good faith and extracontractual damages under New York law; and (3) held that the reasonableness of an underlying settlement is  an issue of fact that should go to the jury.  A copy of the Court’s decision is available here.

Continue Reading Xerox Obtains Important Pro-Policyholder Decision in New York’s First Department, Adopting Narrow Construction of “Arising From” Exclusions and Confirming That Insurers Who Show Indifference to Policyholders’ Rights May Be Liable for Bad Faith in New York

Last week, the North Carolina Supreme Court issued its long-awaited ruling in North State Deli, LLC v. The Cincinnati Insurance Company, siding with a group of North Carolina restaurants that sought business interruption insurance for losses they sustained because of the COVID-19 pandemic.  Specifically, the court held that those restaurants sustained “direct physical loss” to property, as that phrase is used in their commercial property policies, when COVID-19 government orders restricted the restaurants’ use of and access to their property, resulting in the suspension of their operations and the loss of income.  In reaching this holding, the Supreme Court of North Carolina joined the Supreme Court of Vermont as the only other state supreme court to have ruled in favor of policyholders on the question of COVID-19 business interruption insurance coverage. 

Continue Reading North Carolina Supreme Court Unlocks the Door to COVID-19 Business Interruption Coverage, Holding that Pandemic-Era Restrictions on Use of Property Constitute “Direct Physical Loss” to Property

A recent decision by a federal court in the Eastern District of New York illustrates how directors and officers (“D&O”) policies can provide valuable insurance coverage for defense costs and potential liabilities arising from False Claims Act (“FCA”) litigation.  In Northern Metropolitan Foundation for Healthcare, Inc. v. RSUI Indemnity Company, Case No. 20-CV-2224 (EK) (JAM) (E.D.N.Y. Sept. 24, 2024), the insured—an owner and operator of adult healthcare centers in Brooklyn, New York—sought coverage under a D&O policy for defense costs for a relator’s qui tam action alleging that the insured defrauded the federal and New York state governments in submitting claims for reimbursement.  The government chose not to intervene and the qui tam lawsuit was ultimately dismissed.  The D&O policy at issue contained a Government Funding Defense Expense Coverage (“Government Funding”) provision excluding “the return of funds which were received from any federal, state, or local government agency” from the policy’s definition of “Loss,” and limiting coverage for “any Claim arising out of the return, or request to return, such funds.”  

The insurer argued that the Government Funding provision barred coverage for the underlying qui tam action on the ground that the FCA causes of action included a “request to return. . . funds.”  The district court disagreed, ruling that the ordinary meaning of “return”—to put original owner of property back in its prior position—did not apply to the underlying qui tam action because: (1) FCA damages are compensatory and punitive in nature; and (2) the relators who brought the action never possessed the money that they were seeking in their complaint, so the claim could not arise from a request to return funds.  In reaching this conclusion, the district court held that its interpretation was the only reasonable interpretation of the language in question, but it went on to state that even if the Government Funding provision were ambiguous, it would not preclude coverage because any ambiguity must be construed in favor of the insured in accordance with basic insurance policy interpretation principles.  Based on this analysis, the court confirmed that coverage for defense costs incurred in the underlying FCA qui tam action was not limited by the Government Funding provision. 

On October 15, 2024, the insurer filed a notice of appeal to the Second Circuit.  However, the district court’s decision appears to be in line with other well-reasoned decisions holding that FCA damages are compensatory in nature, and therefore not excluded under D&O policies.  For example, the court’s reasoning was consistent with the Seventh Circuit’s recent detailed analysis of the insurability of FCA related losses in Astellas US Holding, Inc. v. Federal Insurance Company, No. 21-3075, 2023 WL 3221737 (7th Cir. May 3, 2023), where that court held that the remedies available under the FCA were compensatory in nature, even in situations where the  government may label a portion of an underlying FCA settlement agreement as restitution. 

This pro-policyholder decision in Northern Metropolitan comes at a time when the Department of Justice (“DOJ”) has ramped up FCA enforcement efforts against healthcare providers, which further underscores the importance for healthcare companies and other companies that may face FCA exposure to consider whether they have adequate insurance in place to mitigate potential FCA-related losses.  Policies that may respond to FCA investigations and lawsuits may include D&O, Errors & Omissions (“E&O”), and Employment Practices Liability (“EPL”), among other lines of coverage.  While some insurers may argue that FCA-related exposures are uninsurable as a matter of law, decisions like Astellas and Northern Metropolitan prove otherwise.  Healthcare providers should work with experienced coverage counsel and their brokers to examine their policies before annual renewals to ensure they have the best coverage terms in place to protect themselves against the risk of expensive government investigations and FCA litigation.

Hurricane Helene made landfall in Florida on September 26, 2024, eventually making its way up to western North Carolina where it caused unprecedented damage. The estimated costs associated with these damages grow daily, with AccuWeather currently estimating losses between $145 and $160 billion. Earlier this week, we issued an alert with general tips policyholders should consider when pursuing insurance claims for hurricane-related losses. As damage reports continue to come in from portions of western North Carolina that have been cut off from regular communications, we are updating our guidance for North Carolina policyholders.

Continue Reading Tips for Pursuing Insurance Claims and Disaster Relief Funding in North Carolina After Hurricane Helene

RELATED UPDATE: Tips for Pursuing Insurance Claims and Disaster Relief Funding in North Carolina After Hurricane Helene (October 3, 2024)

Hurricane Helene made landfall on Thursday, September 26, 2024, carrying catastrophic 140 mph winds as the first known Category 4 storm to hit Florida’s Big Bend region since records began in 1851. By Friday, Hurricane Helene’s effects could be felt through Georgia, South Carolina, North Carolina, Tennessee, and Virginia, with numerous fatalities and significant property damage and power outages reported across the entire southeastern United States. Flooding from the storm resulted in highway and road closures throughout the region, including Interstate 40 in North Carolina, and multiple dams in Tennessee and North Carolina were on the brink of failure before stormwaters began to subside.

Continue Reading Tips to Maximize Insurance Recoveries for Hurricane Helene Property Damage and Business Interruption Losses

On June 6, 2024, the Supreme Court issued its opinion in Truck Insurance Exchange v. Kaiser Gypsum Co., No. 22-1079, conferring broad standing to debtors’ pre-bankruptcy liability insurers to appear and be heard in Chapter 11 bankruptcy proceedings. The ruling eliminates the “insurance neutrality” doctrine that previously constrained the participation of insurers in Chapter 11, greatly expanding insurers’ capacity to influence the reorganization process.

Continue Reading Shifting Gears on Insurer Participation in Chapter 11 Proceedings: U.S. Supreme Court Rejects Longstanding “Insurance Neutrality” Doctrine

On April 19, 2024, the U.S. Environmental Protection Agency announced the designation of two per- and polyfluoroalkyl substances (PFAS)—perfluorooctanoic acid (PFOA) and perfluorooctanesulfonic acid (PFOS) and their salts and structural isomers—as hazardous substances under the Comprehensive Environmental Response, Compensation and Liability Act (CERCLA).[1]  In its designation, the EPA has identified over 85 industries it believes are most likely to be directly or indirectly affected by the designation.  

Continue Reading Steps for Companies to Maximize Potential Insurance Recovery After the EPA’s Recent PFAS Designation

Dairy is the latest round of kitchen staples to suffer from viral diagnoses.  In a first, the H5N1 virus, commonly referred to as the bird flu, is rapidly spreading through US cattle herds.[1]  The virus has already been detected in pasteurized milk sitting on grocery store shelves.[2]  The World Health Organization labeled the outbreak an animal pandemic, but fears of animal to human transmission are rising.[3]  To prepare for the potential financial impact of this looming outbreak, livestock owners and businesses should consider their insurance policies as possible sources of recovery.

Continue Reading Milk Coverage for All Its Worth While the “Steaks” Are High: An Insurance Primer on Coverage for the H5N1 Bird Flu Outbreak

Following record-shattering data breaches, there has been a major push for increased transparency and regulation in the insurance industry regarding consumer data privacy. With an increase in consumer data collection, the threat of ransomware attacks can expose companies to potential litigation or regulatory action if not handled properly.

Read on to learn about the National Association of Insurance Commissioners’ Insurance Consumer Privacy Protection Model Law #674, which illustrates the NAIC’s continuing re-evaluation of its historical approach to privacy compliance requirements. How will Model Law #674, as adopted by states, affect insurers’ compliance obligations vis-à-vis the patchwork of state data compliance laws and regulations recently adopted or under consideration?