Insurance Recovery Newsletter Vol. XIV, Winter 2017

Table Of Contents

Avoid Employment Claim Pitfalls With Employment Practice Liability Insurance Coverage

By Drew Maconachy

Ohio is an employment-at-will state. This means that the employer, or employee, may terminate the employment agreement for any reason that is not contrary to law or contract. In our current economic environment with relatively high unemployment, this doctrine tends to favor the employer because of the comparatively low standards required to terminate employees. The intent of this article is to detail four of the most common exceptions to the employment-at-will doctrine, and explain how employers can mitigate the risk that these exceptions create.

Common Exceptions to the Employment-At-Will Doctrine

The first two common exceptions to the employment-at-will doctrine involve explicit contracts: collective bargaining agreements and written employment agreements. The existence of either essentially nullifies the employment-at-will doctrine, assuming the relevant agreement covers the manner with which employment may be terminated. Therefore, if an employer discharges an employee in contravention of the terms of such an agreement, it will likely be liable for a breach of contract and exposed to damages such as back pay, compensatory damages, and even punitive damages in certain cases.

The third exception to the doctrine is likely the most obvious, and arises where an employer violates specific state or federal law when terminating an employment arrangement. The list of employment-at-will exceptions, under state and federal law, includes but is not limited to:
 
1. retaliation for filing a workers compensation claim,
2. discrimination based on age,
3. race,
4. sex,
5. origin,
6. color,
7. religion,
8. pregnancy,
9. handicap,
10. ancestry,
11. whistle blowing,
12. serving on a jury,

13. having a criminal record that has been expunged.

The foregoing list is not exhaustive and employees routinely bring multiple-count suits against former employers. While most policyholders understand conceptually that they may be exposed to an employment practices lawsuit, avoiding such suits is not always as simple as it might appear.

The final commonly litigated exception to the employment-at-will doctrine is one arising from an implied contract. Unlike a written agreement that has the terms of employment written and agreed to by both parties, an implied agreement has no such documentation and thus must be inferred by a court based on the circumstances surrounding employment and termination. These circumstances might include employee handbooks, company policy, custom, and oral representations. The Ohio courts have ruled that any one or a combination of several, of these circumstances may create contractual obligations by implication. Since each situation is unique, it is very difficult for employers to completely insulate themselves from loss arising from implied contracts using only risk mitigation tactics.

Mitigation and Transfer of Risks Arising from Employment Claims

The best way for employers to protect themselves against the negative publicity and financial loss that may arise from an employment practices lawsuit is a combination of risk mitigation and risk transfer.

Risk mitigation is the practice of taking proactive, or pre-incident, measures to lower the likelihood of a defined exposure. In this case, that might involve an employment attorney or insurance broker with an employment practices expertise to advise the company on the proper procedures to align it with industry best practices. For instance, such professionals will be able to provide language in your employee handbook to lower the risk of the courts viewing it as an implied contract.

However, risk mitigation doesn’t work in all cases, and certainly doesn’t eliminate the risk of frivolous claims and associated legal defense costs. This creates the need for risk transfer, which is the most thorough way for an employer to insulate themselves from an employment practices claim. In this case, risk transfer would involve the procurement of an employment practices liability insurance policy (also referred to an “EPLI” or E.P.L. policy). “EPLI” coverage protects employers (or fellow employees) when an employee claims that their rights were violated as a result of their employment. An insurer issuing an EPLI policy should respond initially by assigning an employment attorney to the case whose duty is to protect the interests of the employer. The policy will pay for defense costs and potential settlements or judgements that result from the litigation. Additionally, insurance companies are providing more services free of charge to their customers to differentiate themselves in an increasingly competitive market, including counseling policyholders in engaging in risk mitigation tactics like those previously mentioned. Relative to other lines of insurance that business owners purchase, EPLI coverage can be inexpensive, and the price will continue to drop as you work with your insurance company to decrease your mutual exposure to claims that would be covered under their policy.

While employment-at-will tends to be an employer-friendly doctrine, there are several pitfalls that require close attention, and the potential for a frivolous lawsuit is ever-present. Employers can combat employment practices pitfalls by partnering with industry experts, following best practices when creating employee-facing documents, and purchasing an EPLI policy that aligns with their specific needs.

Share Article Via

Back To Top

Security Gaps

Lucas M. Blower

We are at least a decade into our national anxiety over cyber security. The first of the massive data breaches happened in 2005. That is when an AOL employee stole data on 92 million subscribers and sold it to spammers. Also that year, data on 3.9 million Citigroup customers was lost in the mail. In nearly every year since, data breaches have grown in volume and frequency, so that they now feel less like shocking invasions of privacy, and more like one of the many, mundane risks we navigate every day.

Despite the regularity of the risk, there is still no uniform insurance product for data breaches. Many products are named “cyber insurance,” or something similar. But each policy is bespoke and provides a varying range of coverage. And, just because you bought something that sounds like it might give you complete coverage against data breaches, it doesn’t mean that it will.

In 2016, two policyholders learned that lesson the hard way. The first was P.F. Chang’s China Bistro, the victim of a data breach which exposed around 60,000 credit card numbers belonging to its customers. See P.F. Chang’s China Bistro, Inc. v. Fed. Ins. Co., No. CV-15-01322-PHX-SMM, 2016 WL 3055111 (D. Ariz. May 31, 2016). The restaurant immediately notified its insurer, Federal Insurance Company, which had issued a CyberSecurity Policy to P.F. Chang’s corporate parent.

Federal marketed this policy as covering “direct loss, legal liability, and consequential loss resulting from cyber security breaches.” Id. at *1. But, when P.F. Chang’s made a claim, Federal only agreed to pay about half of it. The other half of the claim, which Federal refused to pay, was due to a $1.9 million fee assessed to P.F. Chang’s by the company that processed its credit card payments. The purpose of the fee was to reimburse the credit card companies for costs they incurred in responding to the breach.

The court held that, while the fee might fall within the coverage grant of the policy, it was nonetheless excluded. The policy excluded losses arising from “contractual obligations an insured assumes with a third-party outside of the Policy.” Id. at *7. This exclusion applied to the fee, according to the court, since P.F. Chang’s agreed to pay the fee as part of a contract with a third-party processor. So, even though P.F. Chang’s believed it had coverage against this sort of fee, it was excluded because the fee was the product of a contract. The court recognized, however, that if there were another basis for P.F. Chang’s liability, independent of the contract, then the fee may have been covered by the policy. Id. at *8. (P.F. Chang’s is appealing the court’s decision.)

In another case from 2016, Camp’s Grocery, Inc. v. State Farm Fire & Cas. Co., No. 4:16-cv-0204 (N.D.Ala. Oct. 25, 2016), the policyholder found itself with even less coverage. Hackers stole credit card information from Camp’s Grocery, Inc., which operates a Piggly Wiggly grocery store in Alabama. The credit card companies sued Camp’s, which turned to its insurers for a defense. Camp’s policy included an endorsement that provided coverage for loss to computer programs and electronic data. Camp’s argued that this endorsement provided coverage against data breaches. The court, however, disagreed, holding that the endorsement only provided first-party coverage, not third-party coverage against data breaches.

These two cases underscore the need for policyholders to closely examine the coverage provided by their cyber policies. The confusing array of available products may create a misleading impression for policyholders. So policyholders should read the policy carefully and consider consulting professionals, such as insurance brokers, to review the cyber policies before purchasing them.

Share Article Via

Back To Top

Does a Software Audit Request Constitute a Claim Under a D&O Policy?

Christopher T. Teodosio

Ohio’s Third District Court of Appeals, in Eighth Floor Promotions v. The Cincinnati Insurance Companies, 3d Dist. Mercer No. 10-15-19, 2016-Ohio-7259, recently found that a software audit request – a letter from a software company inquiring about a company’s use or unauthorized duplication of its software – was a “claim” under a D&O policy. Specifically, the Court reasoned that the audit request was a claim because it: (1) sought to determine the extent of copyright violations (rather than if a violation occurred); (2) threatened litigation if the company did not perform a software audit; and (3) asked the company to preserve evidence.

Typical Fact Pattern

This is an increasingly familiar scenario. Your company receives a letter from a software company claiming that your company has engaged in the unauthorized use of software. The software company, wanting to avoid litigation, provides you with the opportunity to resolve the claim outside of the courtroom – if your company takes certain steps. Your company must conduct a comprehensive investigation to identify unpermitted software usage and report the results to the software company. The software company reserves its right to sue you if settlement is unsuccessful and tells you to preserve any evidence related to your software usage. Does this audit request constitute a claim under your D&O insurance policy?

The Eighth Floor Promotions Case

This was the question presented in Eighth Floor Promotions. In that case, Eighth Floor’s D&O policy provided that the insurer would “pay on behalf of the ‘company’ all ‘loss’ which the ‘company’ [was] required to pay as indemnification to the [directors, officers, or employees of the company] resulting from any ‘claim’ for a ‘wrongful act.’” The policy defined a “claim” as a “written demand for monetary damages or non-monetary relief.” Eighth Floor submitted the audit request to its insurance company, but the insurer denied coverage because it did not believe the letter was a “claim” under the policy.

The Third District, however, found that the audit request was a claim because it: (1) “sought to determine the extent of copyright violations” rather than if a violation occurred; (2) implied that the software company would sue Eighth Floor if it did not conduct the company-wide audit; and (3) asked Eighth Floor to preserve evidence.

The lesson from Eighth Floor is clear. A policyholder should notify its D&O insurer when they receive a software audit letter. In addition, a policyholder may use Eighth Floor to argue a demand letter is a “claim” under its D&O policy where the letter asserts the policyholder has already committed violations and forces the policyholder to take certain action under threat of litigation.

Share Article Via

Back To Top

Policyholders Must Be Vigilant About Providing Notice Under Claims-Made Policies

Kerri L. Keller

While it is true that policyholders failing to comply with notice provisions risk compromising their coverage, in many instances, coverage will be forfeited only if the insurer demonstrates that late notice has resulted in prejudice. As such, when policyholders are confronted with denials based on their failure to provide timely notice, they often assert that the insurer must demonstrate prejudice. As policyholders are finding out, however, courts may be hesitant to require prejudice in cases that involve claims-made policies.

For example, in 2011, Ashland Hospital Corporation agreed to pay $40.9 million to resolve allegations by the United States Department of Justice that it billed federal healthcare programs for heart procedures that were not medically necessary.1 Ashland admittedly did not provide timely notice and the insurer denied coverage. Ashland’s primary argument in support of coverage was that its late notice should only preclude coverage if the insurer could demonstrate actual prejudice. In support of its position, Ashland relied upon prior case law which held that the absence of prejudice could serve as an exception to late notice. The insurer disagreed.

On appeal, the court determined that the insurer was not required to establish prejudice because notice was a “condition precedent” to coverage. It noted that a majority of jurisdictions do not require a showing of prejudice for late notice under a claims-made policy, but rather, prejudice was only required under occurrence-based policies. This case was premised on Kentucky law; however, the court’s ruling echoes the position taken by some courts and could foreshadow possible rulings in others.

For instance, the most recent Ohio court to confront this issue examined other cases and noted, as did the court in Ashland, that claims-made policies were different than occurrence-based policies and that late notice under a claims-made policy is not negated by an inability to establish prejudice.2 The court noted that, in some policies, notice provisions are bargained-for requirements that are part of supplemental policy endorsements; whereas, “a general notice requirement in an occurrence-based policy is not an essential part of the bargained-for exchange.”3 Another reason was that claims-made policies provide the insurer with a better ability to calculate risk and premiums because the insurer’s exposure is limited to a specific timeframe; whereas, notice provisions in occurrence-based policies serve to alert the insurer to a claim so that it can begin to investigate a claim.

Importantly, this commentary was from an Ohio trial court and, while the court discussed the application of the notice-prejudice rule to claims-made policies, it never ruled directly on the issue. Thus, its discussion of the notice-prejudice rule as applied to claims-made policies only serves to foreshadow possible future rulings in other cases. Neither the Ohio Supreme Court nor any intermediate Ohio appellate court has ruled on this specific issue, however, and there are arguments that favor application of the notice-prejudice rule even for claims-made policies.

Specifically, the Ohio Supreme Court has not ruled on the specific issue whether the notice-prejudice rule applies to claims-made policies, and the one Ohio Supreme Court case involving the issue of late notice, albeit in the context of assessing a prompt notice provision, required a showing of prejudice by the insurer. The basis for this decision was that late notice without prejudice is not a material breach, and one of the most basic premises of contract law is that breaches must be material in nature.4 In other words, absent prejudice to the insurer, late notice would amount to an inconsequential breach of contract by the insured and, as a matter of law, should not preclude coverage which is an argument that can be applied to all policies.

Furthermore, to the extent an insurer tried to argue that notice under a claims-made policy was provided within the policy period or an extended reporting period but not “as soon as practicable,” it would be likely that a court – even one disfavoring the application of the notice-prejudice rule in claims-made policies – would require a showing of prejudice. Lastly, policyholders still would have arguments to make if the policy language or notice provisions incorporated into claims-made policies were ambiguous or unclear.

Because the law is unsettled, the best advice for policyholders is to always timely provide notice under either a claims-made or an occurrence-based policy in order to avoid any argument by an insurer that there is no coverage due to late notice. In other words, policyholders must be mindful of any specific notice provisions in their policies and be vigilant about providing timely notice when they learn of a claim.

1Ashland Hospital Corporation v. RLI Insurance Company, 2016 U.S. App. LEXIS 4056 (6th Cir. Ky. 2016).
2Quail Energy Corp. v. Greenwich Ins. Co., 2015 Ohio. Misc. LEXIS 13447 (Franklin County 2015).
3Id. (citing Starr Indem. & Liab. Co. v. SGSPetroleum Serv. Corp., 719 F.3d 700 (5th Cir. 2013)).
4See generally Ferrando v. Auto-Owners Mut. Ins. Co., 98 Ohio St.3d 186, 2002-Ohio-7217.

Share Article Via

Back To Top

Attorney Highlights

Christopher J. Carney, Clair E. Dickinson, Meagan L. Moore and Paul A. Rose were named to the Best Lawyers in America 2017.

Lucas M. Blower, Kerri L. Keller, P. Wesley Lambert, Amanda M. Leffler, Caroline L. Marks, Amanda P. Parker and Paul A. Rose spoke at the Brouse McDowell 2016 Annual Insurance Coverage Conference on October 13, 2016 at The Embassy Suites in Independence, Ohio.

Lucas M. Blower was certified as a specialist in Insurance Coverage Law by the Ohio State Bar Association.

Matthew K. Grashoff was interviewed for an upcoming story in Reactions magazine about the potential insurance implications of lawsuits regarding the operation of wastewater injection wells.

Christopher J. Carney, Kerri L. Keller, P. Wesley Lambert, Amanda M. Leffler, Caroline L. Marks and Paul A. Rose were listed as 2017 Super Lawyers® Ohio Super Lawyer through a peer- and achievement-based review conducted by the research team at Super Lawyers®, a service of Thompson Reuters legal division.

Lucas M. Blower, Alexandra V. Dattilo, Gabrielle T. Kelly, Meagan L. Moore and Anastasia J. Wade were named 2017 Ohio Super Lawyers® Rising Stars™ Ohio Super Lawyer through a peer- and achievement-based review conducted by the research team at Super Lawyers®, a service of Thompson Reuters legal division.

Amanda M. Leffler was named in the Top 25: 2017 Cleveland Women Super Lawyers Top List and Top 50: 2017 Women Ohio Super Lawyers Top List.

Amanda M. Leffler was elected to the Leadership Akron Board of Directors, and has also joined the Distribution Committee for the Sisler McFawn Foundation.

Kerri L. Keller and P. Wesley Lambert spoke at the NBI seminar titled “Insurance Coverage Litigation: Secrets Insurance Companies Don’t Want Attorneys to Know” on December 8, 2016.

Kerri L. Keller and P. Wesley Lambert presented a webinar hosted by the Ohio State Bar Association titled “Cyber and Social Engineering Fraud Insurance Coverage: Staying on the Cutting Edge of Coverage Disputes in An Evolving Insurance Landscape.”

Share Article Via

Back To Top