Photo of John Buchanan

John Buchanan

John Buchanan, senior counsel in Covington's Washington office and the firm's first Insurance Practice Group Coordinator, has represented policyholders in insurance coverage advocacy, dispute resolution and counseling for nearly four decades. His practice has ranged from the early DES and asbestos coverage litigation to claims for some of the largest cyber losses in history. John has litigated, arbitrated or negotiated a wide variety of complex property and casualty insurance claims, from railroad derailment claims to satellite-in-orbit claims, and from silver-theft claims to cyber claims. The National Law Journal named him an Insurance Trailblazer in 2021, and Best Lawyers has twice named him Washington Insurance Lawyer of the Year. Chambers USA has also consistently recognized him in its national rankings for insurance coverage lawyers (currently as Senior Statesman, previously in Band 1), as have Best of the Best USA, Who’s Who Legal and other peer reviewed lawyer registries.

John became involved with emerging cyber-related coverage issues in the mid-1990s and co-authored one of the earliest treatise chapters on cyber insurance coverage in 2001. Starting with the network intrusion and payment card thefts discovered by TJX in 2006, he has represented policyholders pursuing claims for losses arising from data breaches reported to involve tens of millions of compromised records. John also regularly advises businesses in the management of their cyber and cyber-physical risks, such as those arising from products or services involving the Internet of Things (IoT)-, Artificial Intelligence (AI), Connected and Autonomous Vehicles (CAVs), and the Metaverse or “Web3.”

Digital Health

In this bonus edition of our checkup series, Covington’s global cross-practice Digital Health team considers some additional key questions about product liability and insurance coverage that companies across the life sciences and technology sectors should be asking as they seek to fit together the regulatory and commercial pieces of the complex digital health puzzle.

1. What are the key questions when crafting warnings and disclosures?

If your product is regulated, your warnings and disclosures will need to comply with any relevant regulations. In the case of a product not regulated by the FDA or equivalent regulatory body, first consider how your warnings and disclosures will be incorporated into the use of the product.

Some disclosures, like an explanation of the data source used by software, may fit best in terms and conditions that a user sees before using the product. Key warnings, however, may be more appropriately placed as part of the user experience.

Example: A warning that patients should consult their doctors if necessary may need to be placed in proximity to specific medical content.

Best Practice: Consider your intended audience: are you writing warnings for doctors, patients, or institutions? The appropriate types of disclosures will vary across populations. Patient-directed warnings may also need to be written in simplified language.

Best Practice: Consider whether it is appropriate for your product to have users to accept or otherwise be required to agree to the warnings and disclosures.

Continue Reading Digital Health Checkup (Bonus): Product Liability and Insurance Coverage

Although the National Cybersecurity Awareness Month of October has come to a close, it is not too late for corporate counsel and risk managers to be thinking about cyber-risk insurance — an increasingly essential tool in the enterprise risk management toolkit. But a prospective policyholder purchasing cyber insurance for the first time may be hard put to understand what coverage the insurer is selling and whether that coverage is a proper fit for its own risk profile. With little standardization among cyber policies’ wordings, confusing labels for their covered perils, and little interpretive guidance from case law to date, a cyber insurance buyer trying to evaluate a new proposed policy may hardly know where to focus first.

After pursuing coverage for historically major cyber breaches and analyzing scores of cyber insurance forms over the past 15 years, we suggest the following issues as a starting point for any cyber policy review:
Continue Reading Top Tips and Traps for Cyber Insurance Buyers