Data Breach, Privacy, and Cyber Insurance

Law & Social Inquiry, 2017, Forthcoming

UC Irvine School of Law Research Paper No. 2017-23

26 Pages Posted: 1 Jun 2017

See all articles by Shauhin A. Talesh

Shauhin A. Talesh

University of California, Irvine School of Law

Date Written: May 25, 2017

Abstract

While data theft and cyber risk are major threats facing organizations, existing research suggests that most organizations do not have sufficient protection to prevent data breaches, deal with notification responsibilities, and comply with privacy laws. This article explores how insurance companies play a critical, yet unrecognized, role in assisting organizations in complying with privacy laws and dealing with cyber theft. My analysis draws from and contributes to two literatures on organizational compliance: new institutional organizational sociology studies of how organizations respond to legal regulation and sociolegal insurance scholars’ research on how institutions govern through risk. Through participant observation at conferences, interviews, and content analysis of insurer manuals and risk management services, my study highlights how insurers act as compliance managers for organizations dealing with cyber security threats. Well beyond pooling and transferring risk, insurance companies offer cyber insurance and unique risk management services that influence the ways organizations comply with privacy laws.

Suggested Citation

Talesh, Shauhin A., Data Breach, Privacy, and Cyber Insurance (May 25, 2017). Law & Social Inquiry, 2017, Forthcoming, UC Irvine School of Law Research Paper No. 2017-23, Available at SSRN: https://ssrn.com/abstract=2974233

Shauhin A. Talesh (Contact Author)

University of California, Irvine School of Law ( email )

401 E. Peltason Drive, Ste. 4800L
Irvine, CA 92697
United States
818-439-2719 (Phone)

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
536
Abstract Views
2,006
Rank
108,282
PlumX Metrics