
Policy wording and guidance

Below are our four main insuring agreements and key definitions, along with some guidance on their practical application.

Key insuring agreements and guidance

Policy wording

Business interruption loss that the insured organization sustains as a result of a security breach or system failure that the insured first discovers during the policy period.

Policy guidance

Business Interruption Loss includes certain losses that are sustained as a result of the actual interruption of an Insured’s business operations caused by a covered cyber event.   

Examples where this coverage may be triggered include: 

  • A ransomware attack shuts down an entire hospital which is therefore unable to accept emergency patients.
  • A system glitch causes a retailer’s point of sale systems to unexpectedly go offline, preventing the retailer from making any sales.
  • A manufacturer’s network is attacked, and the attack causes systems to go down and brings manufacturing to a halt.
  • A denial of service attack targets a retailer’s website, halting online sales. 

Examples where this coverage may not be triggered include:

  • Salaries of employees who are idle/unproductive during the time in which systems are interrupted (but this will be included in the assessment of any lost income / profit as a result of a loss of sales arising out of a covered event).   

Policy wording

Dependent business loss that the insured organization sustains as a result of a dependent security breach or a dependent system failure that the insured first discovers during the policy period.

Policy guidance

Dependent Business Loss includes certain losses that are sustained as a result of the interruption of an Insured’s business operations caused by a dependent covered cyber event.

Circumstances triggering this coverage may include:

  • A ransomware attack shuts down your cloud provider’s entire network, and as a result, you have downstream interruption to your business operations.
  • A covered cyber event causes the platform of a third-party hosting provider to be shut down, causing downstream impact to a company’s ability to operate.
  • A covered cyber event shuts down the production of a third-party supplier, which has a direct downstream effect on a company precluding it from completing production and meeting customer demand.

Examples where this coverage may not be triggered include:

  • A network outage impacts a company with whom you have no contract. There is a downstream impact on your business. Because you do not have a contract with the company hit with the outage, this does not trigger your policy and hence any impact on your business will not attract coverage.
  • A customer’s network is shut down, and it does not operate and therefore has no demand for your company’s services. The customer does not qualify as a dependent business and therefore loss associated with this incident does not trigger your coverage.

Policy wording

Data recovery costs that the insured organization incurs as a direct result of a security breach that the insured first discovers during the policy period.

Policy guidance

Data Recovery Costs includes certain costs incurred to restore software or electronic data impacted by a covered cyber event. 

Examples of costs that may fall under this definition include: 

  • Costs to work with a third party to restore information from backup data.
  • Costs to hire temporary labor to run decryption keys or reimage certain impacted devices.
  • Overtime costs paid to IT employees to restore from backups.
  • Expenses for an external consultant to determine whether electronic information can be restored or replaced. 

Examples of costs that do not fall under this definition include: 

  • Amounts associated with the value of lost data that is not restored.
  • Costs to purchase additional hardware.
  • Costs to restore data that belongs to a 3rd party or is not part of your Computer System.
  • Expenses incurred to restore information that is not “Data.”
  • Amounts paid as ransom (see Cyber Extortion loss section of policy for more information).
  • Amounts paid to upgrade or enhance any systems, including migration to a Cloud environment. 

Policy wording

Cyber extortion loss that the insured organization incurs as a result of an extortion threat first made against the insured organization during the policy period.

Policy guidance

Examples of costs that may fall under this definition include: 

  • Amounts paid by you, with Beazley’s prior written consent, to threat actors in order to obtain a decryption key to recover from a ransomware incident resulting from a covered Extortion Threat.
  • Amounts paid by you, with Beazley’s prior written consent, to retain a third-party consultant to provide services to negotiate with a threat actor, test a decryption key, perform due diligence on a threat actor, or perform other specified services.

Examples of costs that do not fall under this definition include: 

  • Amounts incurred to restore a 3rd party’s systems or data that is not your Computer Systems.
  • Credit card processing fees incurred by you to pay a third party consultant.
  • Loan origination fees incurred by you to a third party consultant or crypto currency vendor to purchase cryptocurrency to facilitate a ransom payment. 
  • Amounts incurred without Beazley’s prior written consent.
  • Costs to perform decryption or restoration of impacted systems. 

Additional Insured
Additional insured means any person or entity that the insured organization has agreed in writing to add as an additional insured under this Policy prior to the commission of any act for which such person or entity would be provided coverage under this Policy, but only to the extent the insured organization would have been liable and coverage would have been afforded under the terms and conditions of this Policy had such claim been made against the insured organization.
Breach Notice Law
Breach notice law means any statute or regulation that requires notice to persons whose personal information was accessed or reasonably may have been accessed by an unauthorized person. Breach notice law also includes any statute or regulation requiring notice of a data breach to be provided to governmental or regulatory authorities.
Breach Response Services

Breach response services means the following fees and costs in response to an actual or reasonably suspected data breach or security breach:

  1. for an attorney to provide necessary legal advice to the insured organization to evaluate its obligations pursuant to breach notice laws or a merchant services agreement and in connection with providing the breach response services described below;
  2. for a computer security expert to determine the existence, cause and scope of an actual or reasonably suspected data breach, and if such data breach is actively in progress on the insured organization's computer systems, to assist in containing it;
  3. for a PCI Forensic Investigator to investigate the existence and extent of an actual or reasonably suspected data breach involving payment card data and for a Qualified Security Assessor to certify and assist in attesting to the insured organization's PCI compliance, as required by a merchant services agreement;
  4. to notify those individuals whose personally identifiable information was potentially impacted by a data breach exceeding the notified individuals threshold;
  5. to provide a call center to respond to inquiries about a data breach that exceeds the notified individuals threshold;
  6. to provide a credit monitoring, identity monitoring or other solution listed in the Information Packet to individuals whose personally identifiable information was potentially impacted by a data breach exceeding the notified individuals threshold; and
  7. public relations and crisis management costs directly related to mitigating harm to the insured organization which are approved in advance by the Underwriters in their discretion.

Breach response services will be provided by providers listed in the Information Packet, will be subject to the terms and conditions of this Policy and the Information Packet, and will not include any internal salary or overhead expenses of the insured organization. Breach response services also includes assistance from the BBR Services Team and access to education and loss prevention tools.

Business Interruption Loss

Business interruption loss means:

  1. income loss;
  2. forensic expenses; and
  3. extra expense;

actually sustained during the period of restoration as a result of the actual interruption of the insured organization’s business operations caused by a security breach or system failure. Coverage for business interruption loss will apply only after the waiting period has elapsed.

Business interruption loss will not include (i) loss arising out of any liability to any third party; (ii) legal costs or legal expenses; (iii) loss incurred as a result of unfavorable business conditions; (iv) loss of market or any other consequential loss; (v) dependent business loss; or (vi) data recovery costs.

Claim

Claim means:

  1. a written demand received by any insured for money or services;
  2. with respect to coverage provided under the Regulatory Defense & Penalties insuring agreement only, institution of a regulatory proceeding against any insured; and
  3. with respect to coverage provided under part 1. of the Data & Network Liability insuring agreement only, a demand received by any insured to fulfill the insured organization's contractual obligation to provide notice of a data breach pursuant to a breach notice law;

Multiple claims arising from the same or a series of related, repeated or continuing acts, errors, omissions or events will be considered a single claim for the purposes of this Policy. All such claims will be deemed to have been made at the time of the first such claim.

Claims Expenses

Claims expenses means:

  1. all reasonable and necessary legal costs and expenses resulting from the investigation, defense and appeal of a claim, if incurred by the Underwriters, or by the insured with the prior written consent of the Underwriters; and
  2. the premium cost for appeal bonds for covered judgments or bonds to release property used to secure a legal obligation, if required in any claim against an insured; provided the Underwriters will have no obligation to appeal or to obtain bonds.

Claims expenses will not include any salary, overhead, or other charges by the insured for any time spent in cooperating in the defense and investigation of any claim or circumstance that might lead to a claim notified under this Policy, or costs to comply with any regulatory orders, settlements or judgments.

Computer Systems

Computer systems means computers, any software residing on such computers and any associated devices or equipment:

  1. operated by and either owned by or leased to the insured organization; or
  2. with respect to coverage under the Breach Response and Liability insuring agreements, operated by a third party pursuant to written contract with the insured organization and used for the purpose of providing hosted computer application services to the insured organization or for processing, maintaining, hosting or storing the insured organization's electronic data.
Continuity Date

Continuity date means:

  1. the continuity date listed in the Declarations; and
  2. with respect to any subsidiaries acquired after the continuity date listed in the Declarations, the date the named insured acquired such subsidiary.
Control Group
Control group means any principal, partner, corporate officer, director, general counsel (or most senior legal counsel) or risk manager of the insured organization and any individual in a substantially similar position.
Criminal Reward Fund
Criminal reward funds means any amount offered and paid by the insured organization with the Underwriters' prior written consent for information that leads to the arrest and conviction of any individual(s) committing or trying to commit any illegal act related to any coverage under this Policy; but will not include any amount based upon information provided by the insured, the insured's auditors or any individual hired or retained to investigate the illegal acts. All criminal reward funds offered pursuant to this Policy must expire no later than 6 months following the end of the policy period.
Cyber Extortion Loss

Cyber extortion loss means:

  1. any extortion payment that has been made by or on behalf of the insured organization with the Underwriters' prior written consent to prevent or terminate an extortion threat; and
  2. reasonable and necessary expenses incurred by the insured organization with the Underwriters' prior written consent to prevent or respond to an extortion threat.
Damages

Damages means a monetary judgment, award or settlement, including any award of prejudgment or post-judgment interest; but damages will not include:

  1. future profits, restitution, disgorgement of unjust enrichment or profits by an insured, or the costs of complying with orders granting injunctive or equitable relief;
  2. return or offset of fees, charges or commissions charged by or owed to an insured for goods or services already provided or contracted to be provided;
  3. taxes or loss of tax benefits;
  4. fines, sanctions or penalties;
  5. punitive or exemplary damages or any damages which are a multiple of compensatory damages, unless insurable by law in any applicable venue that most favors coverage for such punitive, exemplary or multiple damages;
  6. discounts, coupons, prizes, awards or other incentives offered to the insured's customers or clients;
  7. liquidated damages, but only to the extent that such damages exceed the amount for which the insured would have been liable in the absence of such liquidated damages agreement;
  8. fines, costs or other amounts an insured is responsible to pay under a merchant services agreement; or
  9. any amounts for which the insured is not liable, or for which there is no legal recourse against the insured.
Data
Data means any software or electronic data that exists in computer systems and that is subject to regular back-up procedures.
Data Breach
Data breach means the theft, loss, or unauthorized disclosure of personally identifiable information or third party information that is in the care, custody or control of the insured organization or a third party for whose theft, loss or unauthorized disclosure of personally identifiable information or third party information the insured organization is liable.
Data Recovery Costs

Data recovery costs means the reasonable and necessary costs incurred by the insured organization to regain access to, replace, or restore data, or if data cannot reasonably be accessed, replaced, or restored, then the reasonable and necessary costs incurred by the insured organization to reach this determination.

Data recovery costs will not include: (i) the monetary value of profits, royalties, or lost market share related to data, including but not limited to trade secrets or other proprietary information or any other amount pertaining to the value of data; (ii) legal costs or legal expenses; (iii) loss arising out of any liability to any third party; or (iv) cyber extortion loss.

Dependent Business
Dependent business means any entity that is not a part of the insured organization but which provides necessary products or services to the insured organization pursuant to a written contract.
Dependent Business Loss

Dependent business loss means:

  1. income loss; and
  2. extra expense;

    actually sustained during the period of restoration as a result of an actual interruption of the insured organization's business operations caused by a dependent security breach or dependent system failure. Coverage for dependent business loss will apply only after the waiting period has elapsed.

    Dependent business loss will not include (i) loss arising out of any liability to any third party; (ii) legal costs or legal expenses; (iii) loss incurred as a result of unfavorable business conditions; (iv) loss of market or any other consequential loss; (v) business interruption loss; or (vi) data recovery costs.
Dependent Security Breach
Dependent security breach means a failure of computer security to prevent a breach of computer systems operated by a dependent business.
Dependent System Failure

Dependent system failure means an unintentional and unplanned interruption of computer systems operated by a dependent business.

Dependent system failure will not include any interruption of computer systems resulting from (i) a dependent security breach, or (ii) the interruption of computer systems that are not operated by a dependent business.

Digital Currency

Digital currency means a type of digital currency that:

  1. requires cryptographic techniques to regulate the generation of units of currency and verify the transfer thereof;
  2. is both stored and transferred electronically; and
  3. operates independently of a central bank or other central authority.
Education and Loss Prevention Tools

Education and loss prevention tools means information and services made available by the Underwriters from time to time and includes access to beazleybreachsolutions.com, a dedicated portal through which insureds can access news and information regarding breach response planning, data and network security threats, best practices in protecting data and networks, offers from third party service providers, and related information, tools and services. Insureds will also have access to communications addressing timely topics in data security, loss prevention and other areas.

Extortion Payment
Extortion payment means money, digital currency, marketable goods or services demanded to prevent or terminate an extortion threat.
Extortion Threat

Extortion threat means a threat to:

  1. alter, destroy, damage, delete or corrupt data;
  2. perpetrate the unauthorized access or use of computer systems;
  3. prevent access to computer systems or data;
  4. steal, misuse or publicly disclose data, personally identifiable information or third party information;
  5. introduce malicious code into computer systems or to third party computer systems from computer systems; or
  6. interrupt or suspend computer systems;

    unless an extortion payment is received from or on behalf of the insured organization.
Extra Expense
Extra expense means reasonable and necessary expenses incurred by the insured organization during the period of restoration to minimize, reduce or avoid income loss, over and above those expenses the insured organization would have incurred had no security breach, system failure, dependent security breach or dependent system failure occurred.
Financial Institution
Financial institution means a bank, credit union, saving and loan association, trust company or other licensed financial service, securities broker-dealer, mutual fund, or liquid assets fund or similar investment company where the insured organization maintains a bank account.
Forensic Expenses
Forensic expenses means reasonable and necessary expenses incurred by the insured organization to investigate the source or cause of a business interruption loss.
Fraudulent Instruction

Fraudulent instruction means the transfer, payment or delivery of money or securities by an insured as a result of fraudulent written, electronic, telegraphic, cable, teletype or telephone instructions provided by a third party, that is intended to mislead an insured through the misrepresentation of a material fact which is relied upon in good faith by such insured.

Fraudulent instruction will not include loss arising out of:

  1. fraudulent instructions received by the insured which are not first authenticated via a method other than the original means of request to verify the authenticity or validity of the request;
  2. any actual or alleged use of credit, debit, charge, access, convenience, customer identification or other cards;
  3. any transfer involving a third party who is not a natural person insured, but had authorized access to the insured's authentication mechanism;
  4. the processing of, or the failure to process, credit, check, debit, personal identification number debit, electronic benefit transfers or mobile payments for merchant accounts;
  5. accounting or arithmetical errors or omissions, or the failure, malfunction, inadequacy or illegitimacy of any product or service;
  6. any liability to any third party, or any indirect or consequential loss of any kind;
  7. any legal costs or legal expenses; or
  8. proving or establishing the existence of fraudulent instruction.
Funds Transfer Fraud

Funds transfer fraud means the loss of money or securities contained in a transfer account at a financial institution resulting from fraudulent written, electronic, telegraphic, cable, teletype or telephone instructions by a third party issued to a financial institution directing such institution to transfer, pay or deliver money or securities from any account maintained by the insured organization at such institution, without the insured organization's knowledge or consent.

Funds transfer fraud will not include any loss arising out of:

  1. the type or kind covered by the insured organization's financial institution bond or commercial crime policy;
  2. any actual or alleged fraudulent, dishonest or criminal act or omission by, or involving, any natural person insured;
  3. any indirect or consequential loss of any kind;
  4. punitive, exemplary or multiplied damages of any kind or any fines, penalties or loss of any tax benefit;
  5. any liability to any third party, except for direct compensatory damages arising directly from funds transfer fraud;
  6. any legal costs or legal expenses; or proving or establishing the existence of funds transfer fraud;
  7. the theft, disappearance, destruction of, unauthorized access to, or unauthorized use of confidential information, including a PIN or security code;
  8. any forged, altered or fraudulent negotiable instruments, securities, documents or instructions; or
  9. any actual or alleged use of credit, debit, charge, access, convenience or other cards or the information contained on such cards.
Income Loss

Income loss means an amount equal to:

  1. net profit or loss before interest and tax that the insured organization would have earned or incurred; and
  2. continuing normal operating expenses incurred by the insured organization (including payroll), but only to the extent that such operating expenses must necessarily continue during the period of restoration.
Individual Contractor
Individual contractor means any natural person who performs labor or service for the insured organization pursuant to a written contract or agreement with the insured organization. The status of an individual as an individual contractor will be determined as of the date of an alleged act, error or omission by any such individual contractor.
Insured

Insured means:

  1. the named insured, and solely with respect to the Data & Network Liability, Breach Response, Regulatory Defense & Penalties and Payment Card Liabilities & Costs insuring agreements, any subsidiaries of the named insured (together the “insured organization”);
  2. an employee or volunteer worker of the named insured (or the insured organization if applicable) but only while acting within the scope of his or her duties as such;
  3. if the named insured is a joint venture or partnership, any partner or member with respect to his or her liability as such;
  4. if the named insured is other than an individual, partnership or joint venture, any executive officer, director, stockholder, medical director, manager, administrator or employed physician of the organization so designated while acting within the scope of his or her duties as such. However, in relation to the Professional Liability, General Liability, Products/Completed Operations Liability, Fire Legal Liability and Medical Payments insuring agreements, coverage for any employed physician.
  5. any person who previously qualified as an insured under the Medical Payments insuring agreement prior to the termination of the required relationship with the named insured, but solely with respect to:
    1. the Professional Liability insuring agreement, with respect to professional services performed on behalf of the named insured;
    2. the General Liability, with respect to Products/Completed Operations Liability, Fire Legal Liability and Medical Payments insuring agreements, an accident arising solely out of the named insured’s products or operations occurring prior to the termination of the required relationship with the named insured;
    3. the Data & Network Liability, Breach Response, Regulatory Defense & Penalties and Payment Card Liability & Costs insuring agreements, with respect to the performance of his or her duties as such on behalf of the insured organization;
    4. the Employee Benefits Liability insuring agreements, with respect to administration of the insured’s employee benefits program.
  6. in relation to the Professional Liability, General Liability, Products/Completed Operations Liability, Fire Legal Liability and Medical Payments insuring agreements, any independent contractor and/or agent of the named insured. If the independent contractor is a physician, coverage is contingent on any such physician being an employed physician.
  7. in relation to part 1. of the General Liability insuring agreement, any landlord, owner, or property manager of the designated premises; or any tradeshow or convention sponsor or operator; or any lessor of equipment. However, coverage provided to these insureds, shall apply solely:
    1. to claims first made against the insured during the policy period or any extended reporting period (if applicable);
    2. for claims arising out of the named insured’s occupancy of, or failure to maintain the designated premises, but solely with respect to the products, goods or operations of the named insured and only if liability for such claim is determined to be solely the negligence or responsibility of the named insured; and
    3. for accidents at, on or upon that portion of the designated premises which is occupied by the named insured and taking place during the term of the named insured’s lease/occupancy of such designated premises.
  8. in relation to parts 2. and 3. of the General Liability insuring agreement:
    1. The named insured;
    2. Any other person using a hired automobile with the named insured’s permission solely when such hired automobile is being used for the insured’s business purposes.
    3. With respect to a non-owned automobile, any partner, executive officer, employee or volunteer of the insured solely when such non-owned automobile is being used for the insured’s business purposes.
    4. Any other person or organization, but only with respect to their liability because of any acts or omission of an insured under parts (a), (b), or (c) above.
  9. any entity for which the insured has assumed such entity’s liability in a written contract or agreement (an “additional insured”) that is also named in a claim if all of the following conditions are met:
    1. The claim against the additional insured seeks damages for which the insured has assumed liability;
    2. This Insurance applies to such liability assumed by the insured;
    3. The obligation to defend the additional insured has also been assumed by the insured in the same contract or agreement;
    4. The allegations in the claim and the information known about the incident are such that no conflict appears to exist between the interests of the insured and the interests of the additional insured;
    5. The additional insured and the insured ask us to conduct and control the defense of that additional insured against such claim and agree that we can assign the same counsel to defend the insured and the additional insured;
    6. The additional insured agrees in writing to:
      1. Cooperate with us in the investigation, settlement or defense of the claim;
      2. Immediately send us copies of any demands, notices, summonses or legal papers received in connection with the claim;
      3. Notify any other insurer whose coverage is available to the additional insured; and
      4. Cooperate with us with respect to coordinating other applicable insurance available to the additional insured; and
    7. The additional insured provides us with written authorization to:
      1. Obtain records and other information related to the claim; and
      2. Conduct and control the defense of the additional insured in such claim.
Insured Organization
Insured organization means the named insured and solely with respect to the Data & Network Liability, Breach Response, Regulatory Defense & Penalties and Payment Card Liabilities & Costs insuring agreements, any subsidiaries of the named insured.
Loss

Loss means breach response services, business interruption loss, claims expenses, criminal reward funds, cyber extortion loss, damages, data recovery costs, dependent business loss, PCI fines and expenses and costs, penalties, loss covered under the eCrime insuring agreement and any other amounts covered under this Policy.

Multiple losses arising from the same or a series of related, repeated or continuing acts, errors, omissions or events will be considered a single loss for the purposes of this Policy.

With respect to the Breach Response and First Party loss insuring agreements, all acts, errors, omissions or events (or series of related, repeated or continuing acts, errors, omissions or events) giving rise to a loss or multiple losses in connection with such insuring agreements will be deemed to have been discovered at the time the first such act, error, omission or event is discovered.

Media Liability

Media liability means one or more of the following acts committed by, or on behalf of, the insured organization in the course of creating, displaying, broadcasting, disseminating or releasing media material to the public:

  1. defamation, libel, slander, product disparagement, trade libel, infliction of emotional distress, outrage, outrageous conduct, or other tort related to disparagement or harm to the reputation or character of any person or organization;
  2. a violation of the rights of privacy of an individual, including false light, intrusion upon seclusion and public disclosure of private facts;
  3. invasion or interference with an individual's right of publicity, including commercial appropriation of name, persona, voice or likeness;
  4. plagiarism, piracy, or misappropriation of ideas under implied contract;
  5. infringement of copyright;
  6. infringement of domain name, trademark, trade name, trade dress, logo, title, metatag, or slogan, service mark or service name;
  7. improper deep-linking or framing;
  8. false arrest, detention or imprisonment;
  9. invasion of or interference with any right to private occupancy, including trespass, wrongful entry or eviction; or
  10. unfair competition, if alleged in conjunction with any of the acts listed in parts 5. or 6. above.
Media Material
Media material means any information, including words, sounds, numbers, images or graphics, but will not include computer software or the actual goods, products or services described, illustrated or displayed in such media material.
Merchant Services Agreement
Merchant services agreement means any agreement between an insured and a financial institution, credit/debit card company, credit/debit card processor or independent service operator enabling an insured to accept credit card, debit card, prepaid card or other payment cards for payments or donations.
Money
Money means a medium of exchange in current use authorized or adopted by a domestic or foreign government as a part of its currency.
Named Insured
Named insured means the named insured listed in the Declarations.
Notified Individuals Threshold
Notified individuals threshold means the number of individual persons listed in the Declarations.
PCI Fines and Expenses and Costs
PCI fines and expenses and costs means the monetary amount owed by the insured organization under the terms of a merchant services agreement as a direct result of a suspected data breach. With the prior consent of the Underwriters, PCI fines and expenses and costs includes reasonable and necessary legal costs and expenses incurred by the insured organization to appeal or negotiate an assessment of such monetary amount. PCI fines and expenses and costs will not include any charge backs, interchange fees, discount fees or other fees unrelated to a data breach.
Penalties

Penalties means:

  1. any monetary civil fine or penalty payable to a governmental entity that was imposed in a regulatory proceeding; and
  2. amounts which the insured is legally obligated to deposit in a fund as equitable relief for the payment of consumer claims due to an adverse judgment or settlement of a regulatory proceeding (including such amounts required to be paid into a "Consumer Redress Fund");

    but will not include: (a) costs to remediate or improve computer systems; (b) costs to establish, implement, maintain, improve or remediate security or privacy practices, procedures, programs or policies; (c) audit, assessment, compliance or reporting costs; or (d) costs to protect the confidentiality, integrity and/or security of personally identifiable information or other information.

    The insurability of penalties will be in accordance with the law in the applicable venue that most favors coverage for such penalties.
Period of Restoration
Period of restoration means the 180-day period of time that begins upon the actual and necessary interruption of the insured organization's business operations.
Personally Identifiable Information

Personally identifiable information means:

  1. any information concerning an individual that is defined as personal information under any breach notice law; and
  2. an individual's driver's license or state identification number, social security number, unpublished telephone number, and credit, debit or other financial account numbers in combination with associated security codes, access codes, passwords or PINs; if such information allows an individual to be uniquely and reliably identified or contacted or allows access to the individual's financial account or medical record information.

    but will not include information that is lawfully made available to the general public.
Policy Period
Policy period means the period of time between the inception date listed in the Declarations and the effective date of termination, expiration or cancellation of this Policy and specifically excludes any Optional Extension Period or any prior policy period or renewal period.
Privacy Policy
Privacy policy means the insured organization's public declaration of its policy for collection, use, disclosure, sharing, dissemination and correction or supplementation of, and access to personally identifiable information.
Regulatory Proceeding
Regulatory proceeding means a request for information, civil investigative demand, or civil proceeding brought by or on behalf of any federal, state, local or foreign governmental entity in such entity's regulatory or official capacity.
Securities
Securities means negotiable and non-negotiable instruments or contracts representing either money or tangible property that has intrinsic value.
Security Breach

Security breach means a failure of computer security to prevent:

  1. unauthorized access or use of computer systems, including unauthorized access or use resulting from the theft of a password from computer systems or from any insured;
  2. a denial of service attack affecting computer systems;
  3. with respect to coverage under the Liability insuring agreements, a denial of service attack affecting computer systems that are not owned, operated or controlled by an insured; or
  4. infection of computer systems by malicious code or transmission of malicious code from computer systems.
Subsidiary

Subsidiary means any entity:

  1. which, on or prior to the inception date of this Policy, the named insured owns, directly or indirectly, more than 50% of the outstanding voting securities ("Management Control"); and
  2. which the named insured acquires Management Control after the inception date of this Policy; provided that:
    1. the revenues of such entity do not exceed 15% of the named insured's annual revenues; or
    2. if the revenues of such entity exceed 15% of the named insured's annual revenues, then coverage under this Policy will be afforded for a period of 60 days, but only for any claim that arises out of any act, error, omission, incident or event first occurring after the entity becomes so owned. Coverage beyond such 60 day period will only be available if the named insured gives the Underwriters written notice of the acquisition, obtains the written consent of Underwriters to extend coverage to the entity beyond such 60 day period and agrees to pay any additional premium required by Underwriters.

This Policy provides coverage only for acts, errors, omissions, incidents or events that occur while the named insured has Management Control over an entity.

System Failure

System failure means an unintentional and unplanned interruption of computer systems.

System failure will not include any interruption of computer systems resulting from (i) a security breach, or (ii) the interruption of any third party computer system.

Telephone Fraud
Telephone fraud means the act of a third party gaining access to and using the insured organization's telephone system in an unauthorized manner.
Third Party Information
Third party information means any trade secret, data, design, interpretation, forecast, formula, method, practice, credit or debit card magnetic strip information, process, record, report or other item of information of a third party not insured under this Policy which is not available to the general public.
Transfer Account
Transfer account means an account maintained by the insured organization at a financial institution from which the insured organization can initiate the transfer, payment or delivery of money or securities.
Unauthorized Access
Unauthorized access or use means the gaining of access to or use of computer systems by an unauthorized person(s) or the use of computer systems in an unauthorized manner.
Unauthorized Disclosure
Unauthorized disclosure means the disclosure of (including disclosure resulting from phishing) or access to information in a manner that is not authorized by the insured organization and is without knowledge of, consent or acquiescence of any member of the control group.
Waiting Period
Waiting period means the period of time that begins upon the actual interruption of the insured organization's business operations caused by a security breach, system failure, dependent security breach or dependent system failure, and ends after the elapse of the number of hours listed as the waiting period in the Declarations.

Key definitions and guidance

Policy wording

{{Income loss}} means an amount equal to:

  1. net profit or loss before interest and tax that the insured organization would have earned or incurred; and
  2. continuing normal operating expenses incurred by the insured organization (including payroll), but only to the extent that such operating expenses must necessarily continue during the period of restoration. 
Policy guidance

{{Income loss}} involves the quantifiable financial impact to a business caused by a covered cyber event, focused on impact to revenues or sales. {{Income loss}} is often measured using outside forensic accounting experts, and the policy will cover the costs for certain of these amounts, up to a specified limit. 

The starting point for measuring income loss is to assess what revenue was lost (and not made up) because of the interruption in operations caused by the covered cyber event. If you have all of the same revenue to cover your normal operating expenses, then there is no Income Loss under this definition – although there may be {{extra expense}} that was incurred to avoid an income loss or {{forensic expense}} or data recovery costs incurred in connection with a covered cyber event.   

If there was a decrease in revenue during the period of restoration caused by a covered cyber event, the next step after quantifying that impact is to determine how the decrease in revenue affected the company’s bottom line. These impacts can manifest in two ways: 

  1. The company may lose a certain amount of net profit for each dollar of revenue lost.
  2. If a company loses sales, in addition to losing profit for each sale, the company also may not receive revenue that is used to pay its fixed operating expenses that cannot be avoided (such as unavoidable payroll, rent, taxes, etc.).   

While we aim to understand how your unique business works, our forensic accounting experts apply Generally Accepted Accounting Principles methodology to measure your potential loss. 

Amounts that are not included in the {{income loss}} definition include: 

  • Expenses that are above-and-beyond normal operating expenses (although such amounts may be covered elsewhere under the policy, such as for extra expense or data recovery costs).
  • Normal operating expenses that are not necessary to continue, such as for outsourced services that are not necessary to continue (such as cleaning expenses which are not required for an office that is temporarily shut down).
  • Variable or non-continuing expenses, such as cost of goods sold or costs of supplies.
  • Sales that are delayed but not lost.
Policy wording

{{Extra expense}} means reasonable and necessary expenses incurred by the {{insured organization}} during the {{period of restoration}} to minimize, reduce or avoid {{income loss}}, over and above those expenses the {{insured organization}} would have incurred had no {{security breach}}, {{system failure}}, {{dependent security breach}} or {{dependent system failure}} occurred.

Policy guidance

{{Extra expense}} includes certain amounts incurred to minimize, reduce or avoid {{income loss}}, provided that such amounts are over and above those expenses the {{insured organization}} would have incurred had no covered cyber event occurred, provided that those amounts are actually sustained during the {{period of restoration}} as a result of the actual interruption of the {{insured organization}}’s business operations caused by a covered cyber event.   

Examples of {{extra expense}} include:  

  • Overtime (beyond normal overtime) paid to employees who work additional shifts to maintain business operations for a company.
  • Incident travel expenses or mileage paid for employees working on responding to the incident to maintain business operations.
  • Meals purchased for employees or contractors directly involved in responding to the covered cyber event. 
  • Costs for an outside consultant to create temporary work-arounds while other recovery efforts are ongoing.
  • Premium costs for expedited shipping made necessary by the outage.
  • Costs of substitute products or services necessary to meet customer demand. 

Examples of amounts that are not {{extra expense}}s include: 

  • Amounts paid for hardware (except to the extent the policy expressly provides coverage for hardware and only on the terms specified by the policy).
  • Ordinary payroll expenses (although such expenses might be covered within {{income loss}}).
  • Amounts paid to remediate network security.
  • Prepaid or extended services.
  • Service credits.
  • Costs or expenses caused by an event, but which were not incurred to minimize, reduce, or avoid Income Loss.  
Policy wording

{{Forensic expenses}} means reasonable and necessary expenses incurred by the {{insured organization}} to investigate the source or cause of a {{business interruption loss}}. 

Policy guidance

{{Forensic expenses}} includes certain amounts incurred to investigate an interruption, provided that those amounts are actually sustained during the {{period of restoration}} as a result of the actual interruption of the {{insured organization}}’s business operations caused by a {{security breach}} or {{system failure}}.  

Examples of {{forensic expenses}} include: 

  • Overtime (beyond normal overtime) paid to employees who work additional shifts to investigate a covered cyber event.
  • Costs for an outside computer forensic consultant retained to focus on an outage, apart from the investigation work covered under the Breach Response Services coverage. 

The information contained on these web pages (including, but not limited to, examples of claims, loss scenarios and guidance) is offered only for discussion and illustration purposes. The information contained herein is not to be relied on in any particular situation when pursuing coverage. Coverage depends on applicable law and the actual facts of each incident, claim or loss, and the terms, conditions and exclusions of each individual policy. Please refer to the applicable policy for a description of the scope and limitations of coverage contained in that policy. Policy language may vary and certain terms may not be available in all jurisdictions.