ACE USA Announces Data Breach Team Expansion for ACE DigiTech & ACE Privacy Protection Policies

PHILADELPHIA--(BUSINESS WIRE)--ACE USA, the U.S.-based retail operating division of the ACE Group, today announced the addition of five new member firms to its ACE Data Breach Team. This pool of independent, third-party professional service providers have the capabilities and experience to help organizations and businesses execute on comprehensive data breach response plans. In an ongoing effort to help policyholders mitigate and manage the rising risk and expense of data breaches, ACE has expanded this panel of independent legal, computer forensic, notification, call center, crisis communications, fraud consultation, credit monitoring, and identity restoration firms.

“We are pleased to announce the expansion of the ACE Data Breach Team panel,” said Toby Merrill, Vice President, ACE Professional Risk, “as part of our ongoing effort to offer choices to our policyholders for their data breach response. To draw a parallel to healthcare, just as we want to select the best physician for ourselves and our family, policyholders want to select the best vendors who will handle their organization’s response to a breach of sensitive customer data.”

Michael Tanenbaum, Senior Vice President, ACE Professional Risk added, “It has become clear that many midsize and smaller companies have the desire but may often lack the resources to develop a sophisticated security risk management program. As a result, they require additional guidance in locating qualified vendors to deal with these events. In contrast, many large organizations have well-developed data breach response plans that include a list of reputable vendors who match their needs. These firms want to select their own vendors and should not have to choose them from a short vendor list. ACE is dedicated to providing choice to our policyholders, and, as a result, we are confident we can provide them with a customized solution that will meet their needs.”

Due to increasing regulations affecting industries like healthcare, consumer finance, and retail trade, a breach response plan and the service providers who will execute the plan should not follow a universal “one-size-fits-all” approach for every company, regardless of industry. As a result, it is important to have a wide range of service providers who have experience -- not only with the services they provide - but also within a particular industry that may require a tailored approach, based on legislation.

“An organization in the healthcare field experiencing a breach that compromises medical records has highly specific needs for legal, notification, and identity-monitoring procedures. This is true because, given the nature of Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act, electronic health records are increasingly used and, as a result, the potential risk of medical identity theft has grown in response. Meanwhile, a loss of credit card numbers at a retail chain may require a different notification process and different set of monitoring services to be offered by the chain to their affected individuals,” said Anthony Dagostino, Vice President, ACE Professional Risk.

ACE Professional Risk’s industry-leading privacy protection and network liability protection policies, ACE DigiTech® and ACE Privacy Protection®, provide privacy, network security, and media liability coverage for all industries, include access to ACE’s Data Breach Team, with the added benefit of discounted loss control service fees for ACE policyholders. The ACE DigiTech® policy also offers technology errors & omissions and miscellaneous professional liability coverage.

ACE Professional Risk’s Data Breach Team, combined with the Data Breach Team Endorsement, bridges the gap between risk transfer and purchased loss control, creating a comprehensive risk management program for privacy, data breach, and network security risk.

Additional ACE DigiTech and ACE Privacy Protection features and announcements:

ACE Professional Risk, a division of ACE USA, is staffed by a specialized team of innovative underwriters and provides management liability, professional liability, and surety products throughout the U.S. For more information about ACE Professional Risk and its range of products and services, please contact Toby Merrill, (215) 640-1390 or visit

Product highlights are summaries only; please see actual policy for terms and conditions. Products may not be available in all locations and remain subject to ACE Professional Risk’s underwriting criteria. ACE USA shall not be a party to any agreement entered into between any Data Breach Team service provider and an ACE policyholder. It is understood that Data Breach Team service providers are independent contractors, and are not agents of ACE USA. ACE USA assumes no liability arising out of any services rendered by a Data Breach Team service provider.

ACE USA is the U.S.-based retail operating division of the ACE Group, headed by ACE Limited (NYSE: ACE), and is rated A+ (Superior) by A.M. Best Company and A+ (Strong) by Standard & Poor’s. ACE USA, through its underwriting companies, provides insurance products and services throughout the U.S. Additional information on ACE USA and its products and services can be found at The ACE Group is one of the world’s largest multiline property and casualty insurers. With operations in 53 countries, ACE provides commercial and personal property and casualty insurance, personal accident supplemental health insurance, reinsurance and life insurance to a diverse group of clients. ACE Limited, the parent company of the ACE Group, is listed on the New York Stock Exchange (NYSE: ACE) and is a component of the S&P 500 index. Additional information can be found at:



ACE North America Communications
Carla Ferrara, 215-640-4744