1. Forms
2. CY
3. CY-20-02

What the form is

The CY 20 02 "Include Specified Individuals As Employees" endorsement is an Insurance Services Office (ISO) form used to amend the definition of "employee" within a commercial cyber insurance policy. Its primary function is to extend coverage to specific individuals who are named in the endorsement's schedule, treating them as employees for the purposes of the policy, even if they do not meet the standard definition of an employee (e.g., leased employees, temporary staff, consultants, or volunteers who have significant access to the insured's systems or data).

Classes of business it applies to

This endorsement is versatile and can be beneficial for a wide range of businesses that rely on individuals who are not traditional W2 employees but play crucial roles involving sensitive data or network security. Examples include:

• Companies heavily reliant on independent contractors or consultants for IT services, data processing, or other critical functions. For instance, a small business that outsources its IT management to a specific individual contractor.
• Organizations that utilize volunteers who handle personal information or have access to internal networks, such as non-profits or community groups.
• Businesses that use temporary staff or leased employees from staffing agencies for roles that involve access to confidential company or customer data.

Special considerations

There are several important points to consider when using the CY 20 02 endorsement:

• Specificity is key: The individuals to be included as employees must be clearly and accurately named in the schedule of the endorsement. Ambiguity can lead to coverage disputes.
• Scope of coverage: While this endorsement grants these individuals "employee" status, the extent of coverage will still be governed by the terms, conditions, and exclusions of the main cyber policy.
• Underlying policy definition: It's important to understand the policy's original definition of "employee" to determine if this endorsement is necessary for the individuals in question.
• Request by insured: The named insured must typically request this endorsement.

Key information for agents and underwriters

For Agents:

• Proactively discuss with clients their organizational structure and identify any key individuals who are not standard employees but have significant data or system access.
• Explain the potential coverage gap if such individuals are not explicitly covered and how this endorsement can address that gap.
• Ensure the schedule of individuals is accurate and kept up-to-date, especially if there are changes in personnel.

For Underwriters:

• When this endorsement is requested, carefully evaluate the roles and responsibilities of the individuals being added.
• Assess the level of access these individuals have to sensitive information, critical systems, and network infrastructure.
• Consider any risk management or security protocols in place specifically for these non-standard employees (e.g., contractual agreements regarding data security, background checks).
• The addition of certain individuals might influence the risk profile and could potentially impact pricing or require specific risk mitigation measures.
• Ensure the number and type of individuals being added are reasonable for the nature and size of the insured's operations.