Cornerstone Plus Application

Cyber Liability Application for Churches and Churches with SchoolsCommercial Lines

/ CYBER LIABILITY APPLICATION FOR CHURCHES AND CHURCHES WITH SCHOOLS
Proposed Effective Date:
Applicant Information
1. / First Named Insured And Other Named Insureds:
2. / Mailing Address Street:
City: / State: / Zip:
3. / Federal Employer ID Number (FEIN):
4. / Website Address(es):
5. / Information Technology Risk Assessment Contact Name:
Contact Phone Number: / Contact E-Mail Address:
Coverage Requested
1. / Limit of Insurance:
Liability to Others*: $100,000 Each Wrongful Act Limit / $200,000 Aggregate Limit
Optional Coverage: Privacy Breach Expenses (select one):
10,000 $25,000 $50,000
Liability to Others*: $250,000 Each Wrongful Act Limit / $500,000 Aggregate Limit
Optional Coverage: Privacy Breach Expenses (select one):
$10,000 $25,000 $50,000 $125,000
Liability to Others*: $500,000 Each Wrongful Act Limit / $1,000,000 Aggregate Limit
Optional Coverage: Privacy Breach Expenses (select one):
10,000 $25,000 $50,000 $125,000 $250,000
Liability to Others*: $1,000,000 Each Wrongful Act Limit / $2,000,000 Aggregate Limit
Optional Coverage: Privacy Breach Expenses (select one):
10,000 $25,000 $50,000 $125,000 $250,000
2. / Deductible: $2,500 $5,000 $10,000 $25,000
3. / Prior Cyber Liability Coverage Trigger: Occurrence Claims-Made No Prior Coverage
4. / Retro Date For Prior Cyber Liability Claims-Made Coverage:
5. / Any Interruptions of Cyber Liability Claims-Made Coverage From the Proposed Retro Date? Yes No
If “Yes,” Provide Details Including Dates of Interruptions:
* Liability to Others Includes Network Security And Privacy Liability, Electronic Media Liability, and Funds Transfer Fraud Liability
General Information
1. / Total Number of Employees: / If School, Total Number of Students:
2. / Total Number of Members: / Average Weekly Attendance:
3. / Annual Gross Revenues: / Total Assets:
4. / Indicate the Types of Personally Identifiable Information You Collect, Receive, Process, Transmit, Or Maintain:
Employee Information / Social Security Numbers / Drivers’ License Numbers
Financial Account Records / Credit/Debit Card Data / Personal Health Information
Other:
5. / At Any One Time, Approximately How Many Individual Records Containing One Or More Items of the Information Listed Above Do You Have Stored?
100 / 100 – 250 / 251 – 500 / 501 – 1,000
1,001 – 2,500 / 2,501 – 5,000 / 5,001 – 10,000 / 10,001 – 25,000
25,001 – 50,000 / 50,001 – 100,000 / 100,001 – 250,000 / > 250,000
6. / Indicate If You Have A Written Policy For (Check All That Apply):
Internet Usage / Use of Social Media Sites / E-Mail Usage / Privacy Policy
Incident Response
Network And Data Security Controls
1. / Are Fire Wall Protection Systems Used to Prevent Unauthorized Access to Your Network And Computer Systems? / Yes No
2. / Is Intrusion Detection Software Used to Detect Unauthorized Access to Your Network And Computer Systems? / Yes No
3. / Is Anti-Virus Software Installed And Regularly Updated On All of Your Network And Computer Systems, Including Laptops, Personal Computers, And Data Storage Devices? / Yes No
4. / Do You Monitor Security Vulnerabilities And Appropriately Patch Your Systems And Applications? / Yes No
5. / Is There A Formal Policy In Place to Install System Updates And Patches as They Become Available? / Yes No
6. / Is Personally Identifiable Information Stored On Laptops, Other Transportable Or Handheld Devices Or Data Storage Devices? / Yes No
If “Yes,” Is the Personally Identifiable Information Protected By Encryption? / Yes No
7. / Are User IDs And Passwords Required to Log On To Your Computer System? / Yes No
If “Yes,” Are User Passwords Required to Be Changed At Least Every 90 Days? / Yes No
8. / Are Physical Security Controls In Place to Limit And Monitor Human Access to Your Data Centers, Servers And Sensitive Information? / Yes No
9. / Do You Outsource Any Aspect of Your Network Or Data Security (Including IT, Internet, Technology Service Providers, Cloud Computing, Data Backup, Etc.) Or Operations Or Processes (Including Online Giving, Student Enrollment, Etc.)? / Yes No
If “Yes,” List In the Table Below What is Outsourced, Name of Service Provider And If Each of These Service Providers Are Required By Written Contract to:
a. / Demonstrate Adequate Security Policies And Procedures
b. / Indemnify You For Security Breaches They May Have Involving Your Data Or Employee, Church Member Or Student Information
Outsourced Activity / Name of Service Provider / Written
Contract
In Place?
(Yes/No) / Requirement
9.a. Above
Applies
(Yes/No) / Requirement
9.b Above
Applies
(Yes/No)
Yes No / Yes No / Yes No
Yes No / Yes No / Yes No
Yes No / Yes No / Yes No
Yes No / Yes No / Yes No
Yes No / Yes No / Yes No
Yes No / Yes No / Yes No
10. / Is Critical Data Backed Up On a Regular Basis? / Yes No
If “Yes,” Where is the Back-Up Stored?
11. / Do You Accept Credit Card Payments In Person Or Via the Internet or Have Online Giving Or Giving Kiosks? / Yes No
If “Yes,” Do You Outsource All of Your Payment Processing? / Yes No
If You Outsource All of Your Payment Processing, is the Processor Required By Written Contract to Indemnify You For Security Breaches They May Have? / Yes No
Do You Store Credit Card Or Bank Account Details On Your Network? / Yes No
If “Yes,” Are the Credit Card Or Bank Account Numbers Encrypted? / Yes No
12. / Is There a Formal Policy In Place to Properly Dispose of Or Shred All Written Or Printed Personally Identifiable Or Other Confidential Information When It is Being Discarded? / Yes No
Electronic Media And Website Content Controls
1. / Check All of the Following That Apply: / Currently / Within
Next 12
Months
Informational Website Only (Provides General Information About What You Do Or Provide; Content Only From You)
Accessible Website (Has Log-In Capabilities Allowing Access to Secure Or Restricted Content(Such As Accounts, Applications, Enrollment And / Or Allows User to Post Content Or Upload Or Download Secure Data)
Transactional Website (Allows Orders, Purchases Or Bill Payments Using Credit Or Debit Cards)
2. / Does Your Website Display Material Created By Third Parties (e.g. Videos, Music, Blogs)? / Yes No
3. / Do You Have a Procedure In Place to Review Material Displayed On Your Website For:
a. / Infringement of Another’s Copyright, Trademark, Trade Dress, Slogan, Or Service Mark / Yes No
b. / Plagiarism / Yes No
c. / Defamation, Libel, Or Slander / Yes No
d. / Violation of A Person’s Right of Privacy / Yes No
4. / Do You Have a Procedure In Place to Edit Or Remove Controversial, Offensive And Infringing
Material On Your Website? Yes No N/A (Website Content Only From Named Insured)
Prior Claims And Circumstances
1. / During the Past Three Years Have You Experienced a Network Security Breach From An Unauthorized Third Party? / Yes No
If “Yes,” How Many?
Describe What Changes In Policies, Procedures And Security Were Made to Prevent Future Occurrences:
2. / Are You Aware of Any Fact, Circumstance, Situation, Event, Or Act Which May Reasonably Be Expected to Result In A Claim Under the Insurance Policy For Which You Are Applying? / Yes No
If “Yes,” Provide Details:
Name of Applicant:
Policy No./Quote No.: / City: / State: / Zip:

INSURANCE FRAUD WARNING:

Any person who knowingly and with intent to defraud any insurance company or another person files an application for insurance or statement of claim containing any materially false information, or conceals for the purpose of misleading information concerning any fact material thereto, commits a fraudulent insurance act, which is a crime and subjects the person to criminal and [NY: substantial] civil penalties. (Not applicable in AL, CO, DC, FL, HI, KS, MA, MN, NE, OH, OK, OR, VT or WA; in LA, ME, TN and VA insurance benefits may also be denied).

Fraud Statement to Alabama Applicants: Any person who knowingly presents a false or fraudulent claim for payment of a loss or benefit or who knowingly presents false information in an application for insurance is guilty of a crime and may be subject to restitution fines or confinement in prison, or any combination thereof.

Fraud Statement to Colorado Applicants: It is unlawful to knowingly provide false, incomplete, or misleading facts or information to an insurance company for the purpose of defrauding or attempting to defraud the company. Penalties may include imprisonment, fines, denial of insurance, and civil damages. Any insurance company or agent of an insurance company who knowingly provides false, incomplete, or misleading facts or information to a policy holder or claimant for the purpose of defrauding or attempting to defraud the policy holder or claimant with regard to a settlement of award payable from insurance proceeds shall be reported to the Colorado Division of Insurance within the Department of Regulatory Agencies.

Fraud Statement to the District of Columbia Applicants: WARNING: It is a crime to provide false or misleading information to an insurer for the purpose of defrauding the insurer or any other person. Penalties include imprisonment and/or fines. In addition, an insurer may deny insurance benefits, if false information materially related to a claim was provided by the applicant.

Fraud Statement to Florida Applicants: Any person who knowingly and with intent to injure, defraud, or deceive any insurer files a statement of claim or an application containing any false, incomplete, or misleading information is guilty of a felony of the third degree.

Fraud Statement to Hawaii Applicants: For your protection, Hawaii law requires you to be informed that presenting a fraudulent claim for payment of a loss or benefit is a crime punishable by fines or imprisonment, or both.

Fraud Statement to Kansas Applicants: Any person who, knowingly and with intent to defraud, presents, causes to be presented or prepares with knowledge or belief that it will be presented to or by an insurer, purported insurer, broker or any agent thereof, any written statement as part of, or in support of, an application for the issuance of, or the rating of an insurance policy for personal or commercial insurance, or a claim for payment or other benefit pursuant to an insurance policy for commercial or personal insurance which such person knows to contain materially false information concerning any fact material thereto; or conceals, for the purpose of misleading, information concerning any fact material thereto commits a fraudulent insurance act.

Fraud Statement to Massachusetts, Nebraska, Oregon and VermontApplicants: Any person who knowingly and with intent to defraud any insurance company or another person files an application for insurance or statement of claim containing any materially false information, or conceals for the purpose of misleading information concerning any fact material thereto, may be committing a fraudulent insurance act, which may be a crime and may subject the person to criminal and civil penalties.

Fraud Statement to Minnesota Applicants: Any person who files a claim with intent to defraud or helps commit a fraud against an insurer is guilty of a crime.

Fraud Statement to Ohio Applicants: Any person who, with intent to defraud or knowing that he/she is facilitating a fraud against an insurer, submits an application or files a claim containing a false or deception statement is guilty of insurance fraud.

Fraud Statement to Oklahoma Applicants: WARNING: Any person who knowingly, and with intent to injure, defraud or deceive any insurer, makes any claim for the proceeds of an insurance policy containing any false, incomplete or misleading information is guilty of a felony.

Fraud Statement to Washington Applicants: It is a crime to knowingly provide false, incomplete, or misleading information to an insurance company for the purpose of defrauding the company. Penalties include imprisonment, fines, and denial of insurance benefits.

ACKNOWLEDGEMENT AND SIGNATURES:

The undersigned is an authorized representative of the applicant and represents that reasonable enquiry has been made to obtain the answers to questions on this application. He/she represents that the answers are true, correct and complete to the best of his/her knowledge.

The signing of the application does not bind the insurance company to complete the insurance, but it is agreed that this application and any additional documents submitted therewith are the representations of the applicant and are material and shall be the basis of the contract should a policy be issued. It is further agreed that any incorrect or incomplete statement in the application could void the protection should a policy be issued.

The undersigned further agrees that if any significant adverse change in the condition of the applicant is discovered between the date of completion of this application and the date that coverage was bound with GuideOne Insurance, and such change renders this application inaccurate or incomplete, notice of such change will be reported in writing to GuideOne Insurance immediately.

INSURED MUST SIGN THIS APPLICATION IN ORDER FOR IT TO BE VALID

Authorized Insured Representative: / Date:
Print Name: / Title or Position:
Agent No.: / Agency: / Producer’s Signature: / License No.:
Producer’s Phone Number: / Producer’s E-mail Address: