If other, please advise?
Business activities, please describe:
Business turnover, and any subsidiary business turnover:
Gross Turnover for Past Year & Current Year:
Estimate of Turnover for coming year:
Payment information required:
Please complete information below regarding the type and amount of information you are responsible for and the electronic protections in place.
A. All information should related to National Insurance # / driving license# / passport # or other national or local identification.
B. Financial account records or payment card information.
C. Other personally identifiable information.
Maximum number of records stored on your network at any one time?
Are records always encrypted while at-rest on the network?
Are records always encrypted while in transit within and out of the network including on wireless networks, in file transfer and in email?
Always encrypted on mobile computing devices including laptops and PDA's
Always encrypted on mobile storage devices including USB flash drives and DVD's
If you release records to outsources, do you always;
Please use the space below to describe any additional details regarding your answers above including any compensating controls implemented in the absence of encryption to protect any sensitive information.
a. Is all information stored on back up tapes / cassettes / disks, etc. encrypted as standard practice?
b. Do you require that any transportation or storage company indemnify you if they lose your data or your data is lost or stolen while in their custody?
a. Do you restrict access to personally identifiable information to only those personnel required access to such information?
b. Do you restrict physical access to personally identifiable information?
c. Do you track and monitor all access to sensitive data on your network?
Tick if yes:
b. Do you maintain a written policy that addresses information security?
c. Do you have a written process in place to notify those affected if their personally identifiable information is compromised?
d. Has a third party audited your privacy practices in the last 2 years?
e. Do you use and maintain a firewall configuration to protect data?
f. Do you use and regularly update anti-virus software?
g. Do you monitor security vulnerabilities and appropriately patch your systems and applications according to the extent of the vulnerability?
h. Have you conducted a review to determine what personally identifiable information you handle and where it is stored?
i. Do you use tools to monitor what data enters your network?
j. Do you use tools to monitor what data flows out of your network?
k. If you responded yes to questions i. and/or j. above, do you review the output of these tools to spot malicious or suspicious activity at least once a week?
a. Have you ever been investigated in respect of personally identifiable information, including but not limited to payment card information, or your privacy practices?
b. Have you been asked to supply any regulator or similar body with information relating to personally identifiable information or your privacy practices?
c. Have you ever been asked to sign a consent order or equivalent in respect of personally identifiable information or your privacy practices?
d. Have you ever received a complaint relating to the handling of someone’s personally identifiable information?
a. Have you suffered any loss or has any claim whether successful or not ever been made against you?
If Yes, please specify details (attach additional information if required):
b. Are you aware of any matter which is likely to lead to you suffering a loss or a claim being made against you?
Please provide us with details of any other information which may be material to our consideration of your application for insurance. If you have any doubt over whether something is relevant, please let us have details:
Data Protection Act By accepting this proposal form you consent to Hiscox using the information we may hold about you for the purpose of providing insurance and handling claims, if any, and to process sensitive personal data about you where this is necessary (for example health information or criminal convictions). This may mean we have to give some details to third parties involved in providing insurance cover. These may include insurance carriers, third-party claims adjusters, fraud detection and prevention services, reinsurance companies and insurance regulatory authorities. Where such sensitive personal information relates to anyone other than you, you must obtain the explicit consent of the person to whom the information relates both to the disclosure of such information to us and its use by us as set out above. The information provided will be treated in confidence and in compliance with the Data Protection Act 1998. You have the right to apply for a copy of your information (for which we may charge a small fee) and to have any inaccuracies corrected.
I accept this declaration
Declaration I/We declare that (a) this proposal form has been completed after proper enquiry; (b) its contents are true and accurate and (c) all facts and matters which may be relevant to the consideration of our proposal for insurance have been disclosed. I/We undertake to inform you before any contract of insurance is concluded, if there is any material change to the information already provided or any new fact or matter arises which may be relevant to the consideration of our proposal for insurance. I/We understand that non-disclosure or misrepresentation of a material fact or matter will entitle Hiscox Insurance Company Limited to avoid this insurance. I/We agree that this proposal form and all other written information which is provided are incorporated into and form the basis of any contract of insurance.
I have read the declaration and agree
Name of Principal/Partner/Director
Please initial below in captial.