Frequently Asked Questions*

What is the North American Data Security RPG?

North American Data Security RPG (the "Company") is a risk purchasing group formed in Michigan and authorized under the Liability Risk Retention Act (the "LRRA"), which is a federal law enacted in 1986 to facilitate access to liability insurance on a more cost-efficient basis. As a risk purchasing group and pursuant to the LRRA, the Company is permitted to collectively purchase liability insurance on behalf of group members to cover their similar exposures that result from the members' common practices or activities.

If a merchant has multiple merchant accounts, is each account protected for $100,000?

The Merchant Data Security Policy (the "Policy") issued to the Company generally provides $100,000 of protection for each MID and an annual aggregate limit of $500,000 for merchants with multiple locations.

Who is eligible to become a member of the Company?

Any Level 2, 3 or 4 merchant account is eligible, provided the merchant account has not already suffered a data compromise.
Level 1 merchant accounts are not eligible.

Must a merchant account be Payment Card Information Data Security Standard ("PCI DSS") compliant in order to become a member of the Company?

No. However, if a merchant account experiences a breach, the merchant account must become certified compliant before that merchant can participate in coverage under the Policy.

Are Level 4 merchant accounts breached often?

Yes. 90% of merchant account breaches occur at small businesses with less than 1 million transactions per year.

For a brief overview of the program click HERE.

*The information provided in this FAQ and brochure is for general information purposes only. The actual policy should be reviewed for specific terms, conditions, limitations, and exclusions that will govern in the event of loss.