Continuity of Coverage Best Practices

In the specialized world of Cyber Liability Insurance, continuity of coverage is not merely a convenience—it is a critical structural requirement for risk management. Unlike traditional occurrence-based policies (such as General Liability), cyber insurance is almost exclusively written on a claims-made and reported basis. This means the policy in effect at the time a claim is made and reported to the insurer is the one that responds, provided the incident occurred after the policy's retroactive date.

Maintaining continuity ensures that there is no gap in time during which a breach could occur without being covered. If an organization allows its coverage to lapse, even for a single day, or fails to maintain its original retroactive date when switching carriers, it may lose protection for all prior acts. This concept is fundamental for those preparing for the complete Cyber Liability exam guide, as it governs how insurers assess historical risk.

The Retroactive Date (often called the 'Retro Date') is the specific point in time from which an insured began maintaining continuous claims-made coverage. Any incident that occurs before this date will not be covered, even if the claim is filed while the current policy is active. When a policy is renewed with the same carrier, the retroactive date typically remains the same as the original inception date.

Best practices for continuity include:

• Verifying the Retro Date: Always ensure the retroactive date on a new policy matches the date on the expiring policy.
• Avoiding 'Full Prior Acts': While 'Full Prior Acts' coverage sounds superior, it is rare in cyber; most carriers require a defined date to limit exposure to unknown legacy vulnerabilities.
• Consistency: Maintaining the same carrier can simplify continuity, but if a switch is necessary, the new carrier must explicitly 'pick up' the prior acts by honoring the existing retroactive date.

One of the most vital best practices for maintaining continuity occurs during the transition between carriers. If an insured is aware of a situation that might lead to a claim but has not yet ripened into a formal demand, they should utilize the Notice of Circumstance provision in their expiring policy. By reporting the circumstance to the current carrier before the policy expires, they 'lock in' coverage with that carrier, regardless of when the formal claim eventually arrives.

Failing to report known circumstances before switching carriers is a leading cause of coverage denials. The new carrier will likely exclude any 'known incidents' or 'prior knowledge' events in their application, leaving the insured with a significant gap in protection. Practitioners should review practice Cyber Liability questions to understand how timing impacts claim acceptance.

If an organization ceases operations, is acquired, or decides to cancel their cyber policy without replacing it, they must consider an Extended Reporting Period (ERP), commonly known as 'Tail Coverage.' This does not cover new breaches that occur after the policy ends; instead, it extends the time the insured has to report claims for breaches that occurred before the termination but after the retroactive date.

ERPs are essential for maintaining continuity during mergers and acquisitions. Without an ERP, the 'tail' of liability for past data handling practices is left uninsured, which can derail corporate transactions or leave former directors and officers personally exposed to litigation.