Forensic Update

Reflections on information management within the legal and regulatory arena

  • Follow @ForensicUpdate

    Follow @ForensicUpdate
  • Follow on Linked In

    Follow @ Linked In
  • Recent Tweets

    Error: Twitter did not respond. Please wait a few minutes and refresh this page.

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 17 other followers

Posts Tagged ‘insurance’

Radio Show Appearance: Guest Expert on Business Fraud Awareness

Posted by Johnny Lee on September 6, 2011

ForensicUpdate editor, Johnny Lee, hit the airwaves again with colleague Philip Ratliff.  This time our host was Alan Butler, host of Atlanta’s Premier Business Talk Show “Butler on Business.”  Alan and co-host Jason Riddle facilitated a lively discussion covering a areas of concern to business owners and managers alike.

Listen as Philip Ratliff and Johnny Lee of Grant Thornton LLP’s Atlanta Forensics & Litigation practice comment on a broad variety of fraud issues facing organizations—especially in a down economy.  Segment one of the program can be found here; segment two can be found here. Please note that the views and opinions expressed are personal views and are not necessarily those of Grant Thornton; click here for more on this.


Posted in Computer Forensics, Data Governance, ECM, eDiscovery, Forensic Accounting, Fraud, Information Security, Investigations, Litigation Hold, Privacy, Records Retention, Social Networking | Tagged: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , | Comments Off on Radio Show Appearance: Guest Expert on Business Fraud Awareness

Forensic Update editor presenting at North American ISACA conference…

Posted by Johnny Lee on May 17, 2011

The world’s leading conference for IT audit, control, security and governance professionals holds its 2011 annual conference in Las Vegas. ForensicUpdate editor, Johnny Lee, will present on the topic of “Data Governance and eDiscovery: Good Faith, Bad Actors, and Questionable Data.”  Click here for more details.

Posted in Announcement, Computer Forensics, Data Governance, ECM, eDiscovery, Information Security, Investigations, Litigation Hold, Privacy, Records Retention, Social Networking | Tagged: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , | Comments Off on Forensic Update editor presenting at North American ISACA conference…

Evidence Spoliation Insurance…welcome news or moral hazard?

Posted by Johnny Lee on January 18, 2011

In early December, a division of Chartis Insurance (the artist formerly known as AIG), announced that it would offer a new insurance product focused upon evidence spoliation.  Interestingly, the product is designed to guard against claims arising from direct physical loss or damage to items that serve as material evidence in a legal proceeding.  Perhaps it’s the geek and the recovering attorney in me, but a couple of things are notable in this offering.

First, as with any insurance product, there must be a triggering event.  The event here is where the insured party is alleged to have breached its professional duty of care related to the preservation of property that is deemed to have evidentiary value.  The insurance would protect against liability for monetary damages and settlement, as well as defense costs for claims alleging a breach of professional duty.

Second, to be clear, this is not insurance that obviates the need for controls or proper handling of sensitive information, though the level of controls maturity will clearly affect how premia are rated.  This product, at least as initially introduced, does not appear to be aimed at entities protecting their own data.  This insurance offering appears to be geared toward organizations that are “conducting analysis on the property of others” and who, as a result of this analysis, may find themselves “exposed to spoliation as a separate tort” (i.e., sued for the harm caused by losing another party’s stuff—either by the party who owned the lost stuff or by a third party).  In legalese, this insurance protects against claims arising from the failure to preserve property of evidentiary value belonging to others that is in the care, custody, and control of the insured.  (Hint: Think engineering firm or research group conducting a form of benchmarking on data provided by a company.)

Despite the ostensible target market, it will be interesting to see how other vendors (especially so-called “cloud” vendors) react to this sort of insurance offering.  Indeed, there is the old saw—certainly trotted out with great frequency during the heyday of Sarbanes-Oxley compliance—that while you can outsource processes and services, you cannot outsource the risks related to same.  So, this leaves us with the question of whether the (potential) availability of such an insurance product to cloud vendors (and other third parties in possession of sensitive and valuable data) will decrease the diligence of these providers in the protection of these sensitive data.  An even bigger question is what companies hoping to outsource to such vendors should do about this.  It definitely will be an interesting area to monitor over the near term.

Posted in eDiscovery, Information Security, Privacy, Records Retention | Tagged: , , , , , , , , , , , , , , , , , , , , | 1 Comment »

%d bloggers like this: