1. Forms
2. CY
3. CY-DS-01

What the Form Is

The CY DS 01 11 21 is the standard declarations page provided by Insurance Services Office, Inc. (ISO) for the Information Security Protection Cyber Policy. Its primary function is to summarize the essential information unique to a specific insurance contract. This form personalizes the broader policy language by clearly listing the named insured, mailing address, policy period, producer, company providing the coverage, and the specific coverages, limits, deductibles, and other key terms agreed upon by the insurer and the insured.

Classes of Business It Applies To

This declarations form is utilized for a wide array of commercial entities that procure an Information Security Protection Cyber Policy. It is relevant for businesses that handle sensitive data (customer, employee, or corporate), rely heavily on computer systems and networks for their operations, or maintain an online presence. These characteristics make them susceptible to various cyber risks, including data breaches, network security failures, privacy violations, and cyber extortion. Real-world examples include:

• Retail businesses (online and brick-and-mortar) that process and store customer payment card information.
• Healthcare organizations (hospitals, clinics, private practices) that manage electronic patient health records.
• Financial institutions (banks, credit unions, investment firms) that handle sensitive financial data and transactions.
• Technology companies, including software developers, IT service providers, and data hosting services.
• Professional service firms such as law firms, accounting firms, and consultants that possess confidential client information.
• Educational institutions that store student and faculty data.

Special Considerations

Several important aspects should be noted when dealing with the CY DS 01 11 21:

• Claims-Made and Reported Basis: Cyber insurance policies, including those using this declarations page, are often written on a claims-made and reported basis. This means that for coverage to apply, a claim must be first made against the insured and reported to the insurer during the policy period or any contractually agreed-upon extended reporting period. The declarations page will typically include a notice regarding this provision.
• Retroactive Date: The declarations may specify a retroactive date for certain insuring agreements. This date is crucial as it limits coverage to wrongful acts that occur on or after this specified date. If no date is listed, or if "none" is indicated, the coverage may apply to acts that occurred at any time prior to the policy inception, provided the claim is first made during the policy period.
• Selection of Insuring Agreements: The Information Security Protection Cyber Policy often contains multiple distinct insuring agreements (e.g., Security Breach Liability, Web Site Publishing Liability, Programming Errors And Omissions Liability). The CY DS 01 11 21 will clearly indicate which of these insuring agreements are active for the specific policy, along with their individual limits, sublimits, and deductibles. Coverage only applies to those insuring agreements shown as active on the declarations.
• Aggregate Limits: The form will state the policy aggregate limit of insurance, which is the maximum amount the insurer will pay for all claims during the policy period.

Key Information for Agents and Underwriters

For insurance agents and underwriters, the CY DS 01 11 21 is a critical document requiring careful attention:

• Accurate Data Representation: All information on the declarations, including the named insured's legal name, address, website address(es), and form of business, must be accurate and current to ensure proper coverage.
• Defining Scope of Coverage: Agents must thoroughly explain to clients which insuring agreements have been selected, the applicable limits and sublimits, deductibles (including any time-based deductibles for business income), and the implications of the retroactive date and claims-made provisions.
• Endorsements: The declarations page will list all endorsements attached to and forming part of the policy. These endorsements can significantly alter coverage, so they must be reviewed carefully.
• Underwriting Basis: Underwriters use the information that will eventually populate the declarations (often gathered from the application) to assess the risk profile of the applicant and determine appropriate pricing and terms. The final declarations reflect the outcome of this underwriting process.
• Premium Calculation: The premium charged for the policy is directly tied to the coverages, limits, and other specifics outlined in the declarations.