Whether you have dot-com companies as clients, or merely do business in the Internet age, you should ask questions about the way insurance is handled within the electronic arena.

It is readily apparent to anyone paying attention that business is conducted differently today that it was 10 years ago, five years ago or even one year ago. The Internet has transformed the processes radically, opening new channels of distribution and causing some of the operators of the old channels to feel like buggy whip distributors must have felt like after the Model T became popular.

Virtually all companies use the Internet to some degree. The most common usage is:

• A Web site as an access point to the business
• E-commerce
• An ISP, ASP or portal

Insurance policy wording has traditionally been slow to change, many times only changing due to the even slower legal system. It is not surprising that the language in policies has not kept up with the Internet explosion. The things we fear (and therefore insure) are changing, and it is important that the insurance coverage respond appropriately.

First party claims -- damage or injury to your property: One fairly simple, but frequently overlooked exposure is coverage for goods shipped overseas. Most policies will only cover domestic or U.S. shipments, unless the policy is modified to include international shipments, or a specific policy is taken out.

Computer fraud coverage is also available generally from the same insurers providing your employee dishonesty coverage. This insurance provides protection against theft by transfer of property or money/securities by a third party generally outside of your premises to somewhere else (generally their account!).

Third party claims -- damage or injury to someone else or their property: Least noticeable, but possibly most important is the definition of the covered territory. The Internet allows easy access to the global market. Virtually all of the policies define the coverage to apply only to claims brought in the United States. This becomes a much bigger issue if the company is selling products all over the world. Either the definition must be amended to allow suits to be filed outside the nation's borders, or a separate foreign liability policy should be purchased.

Many companies have substantial databases on their networks, which include sensitive or private data of others. Examples of firms that should consider this exposure most seriously are:

• Legal, banking and accounting firms
• ISPs
• Healthcare providers
• Anyone else who does business over the Internet

Should an outside party gain access to the network, serious consequences could result. Several world-class insurers now offer insurance coverage to protect against such unauthorized access, breach of security and other consequences. For example, Network Risk Management Services, based in Atlanta, GA, distributes a policy which includes both risk assessment and insurance in this critical area. Your insurance broker can access the quotations from them on your behalf.

AIG has done just that -- developed policies for three levels of Internet users and provided affirmative grants of coverage applicable to each of them:

• Companies that "do business" on the Internet by virtue of having a Website
• Companies with significant "e-tail" operations (click and mortar companies)
• ISPs, portals, hosts and browsers

The base coverages are the same, but as the operations of the firms expand, so do the companies. For example, for the click and mortar companies, the coverage can include claims arising out of unauthorized access to customers' credit card information.

AIG will also provide suggested procedures and disclaimers for those firms operating chat rooms. "Open" chat rooms and digital certificate issuance firms still present substantial risk to the insurers and coverage forms are still being developed.

The insurance industry is adapting to the new age, but until case law and/or competition require it, coverage forms will lag behind the needs of the buyer. The best recommendation to be made is to have a clear idea of what outcomes are of the most concern to the operation of your clients' businesses and then make sure that you are providing the necessary coverage.

First published on April 3, 2000.