Breach Insurance

A: Basys offers breach insurance through the North American Data Security RPG (the “Company”), a risk purchasing group authorized under the Liability Risk Retention Act (LRRA). This federal law was enacted in 1986 to facilitate cost-efficient liability insurance.

A: Any Level 2, 3 or 4 merchant account is eligible, provided the merchant account has not already suffered a data compromise. Level 1 merchant accounts are not eligible.

A: Merchant accounts are not required to be PCI compliant; however, if a breach occurs, the merchant account must become certified compliant before that merchant can participate in coverage under the Policy.

A: The $100,000 breach insurance plan covers:

• • • • Cost of the mandatory forensic audit*
    • • Card replacement costs and related expenses
    • • PCI DSS and regulatory fines and assessments resulting from a breach
    • • Cost of Account Data Compromise Recovery (ADCR) fines for credit card fraud
    • • Software and Hardware Upgrades when ordered in lieu of a fine, under a sublimit of $10,000 per MID and $25,000 per Merchant
    • • Breach notification expenses, under a sublimit up to $10,000
    • • Drafting of notification letters
    • • Printing and mailing expenses
    • • Required media notifications (newspaper or radio announcement)

* In the event of a breach, the merchant will be billed for a forensic audit in conjunction with the breach. The breach insurance would help defray this cost. If the merchant is found at fault, they lose the fraudulent refund and will also be responsible for the cost of the audit. Please take this into consideration before submitting a claim.

A: No, there is no deductible. By including this policy with your program, you provide a generous benefit to your merchants.