As a merchant services provider, we deal with PCI compliance on a daily basis. Earlier this year we wrote an article addressing the basics and what you should know about compliance. However, one aspect we did not cover was the impact of PCI compliance on your insurance coverage. Did you know your coverage can be denied if you are not in compliance? Here are a couple of details you need to know to keep you out of trouble with this issue.
What You Don’t Know Can Hurt You
The standard form of professional liability insurance is commonly known as Errors & Omissions (E&O) insurance. This form of insurance protects the insured against liability for committing an error or omission in the performance of professional duties. These policies are typically designed to cover financial losses, including those related to credit cards and data breaches. If you have E&O insurance and have been checking the little box indicating that you are in compliance regarding credit card processing, it’s important to know what you’ve done.
Yes, I Checked the Little Box
Two things could happen if you checked the box regarding PCI compliance. If you are not in full compliance, the insurance company can cancel your policy. Things could get sticky around false reporting, too. Be sure to read our article on PCI compliance to get a better understanding of how you are representing your business if you do check that little box.
No, I Didn’t Check the Little Box
If you did not check the box on your insurance form, chances are you’ve already heard back from the insurance company. In many cases insurance companies will deny coverage. Data security and breaches are clogging the daily news feeds. It makes sense that insurance companies have a heightened focus on this topic and are increasing their scrutiny and standards in response. It’s no longer OK for you to check the little box and hope no one will ask about it.
Check That Little Box With Confidence
The best option is for you to rest easy and have confidence knowing that your company is PCI compliant. It keeps everybody happy. One step we recommend is moving all processing off-site and off of your data and business systems. Removing that functionality satisfies a number of PCI compliance points and can be done fairly quickly. The good news in this story is that we’ve helped many of our clients meet compliance without significant cost.
Regardless of your current status around PCI compliance, keep these two things in mind: 1) brushing off the whole compliance thing can turn into pretty big trouble and 2) consider us pain relief for your compliance woes.