Commercial Insurance Blog

13-Jan-2017 Geoffrey Gordon IT

Liability Tips for Information Technology Professionals

Network Administrators and Managed Services Providers help businesses function at the speed of light.  But other businesses are out there testing how to penetrate firewalls or otherwise gain access to valuable information that can be readily resold on the dark web.

If a penetration is successful, and ransom ware is installed, or accounts compromised, or worst case of all, private data released to the public, will the client hold the service provider responsible?

It depends on the amount of damages, for one.  Professional services by IT professionals are similar to other professionals:  if an error or omission causes the client harm and they sue, well there's insurance for that. Liability tips for Information Technology Professionals

A hot area of insurance today is Cyber Liability:  the insurance that protects the company for the financial expense of a hack.  As outlined above, it should include protection for ransomware, data theft, release of "personally identifiable data," and may include coverage for regulatory fines such as those called for in 201 CMR-17 here in Massachusetts.

For IT professionals who watch over these business systems, Professional Liability and Cyber Liability really are one and the same.

Fortunately, custom insurance products have been developed that recognize this crossover of threats, interests and damages. 

What's an IT company to do to keep the Professional Liability insurance costs low?  Begin with a good service contract.  This is part of a broad risk control technique known as "Contractual Risk Transfer" (video).  Contractual Risk Transfer is a fancy way of saying we're transferring the risk back to the client, and enforcing this with a contract.

Another step is to have documented steps for all service personnel.  This facilitates billing the customer (if hourly based), and provides an added measure of defense in case it's alleged that someone simply skipped an important task.

Finally, good communication with the client, both written in the contract and expressed verbally, that supplied services imply no guarantee of safety from the powerful forces trying to steal information from servers you protect.  The best defense could in fact be recommending that every customer with data of any value consider their own liability insurance. Because even if you do have Cyber coverage, you don't want to be the only party in the room who does.

To discuss further, please call the insurance professionals at Gordon Atlantic Insurance at (800) 649-3252.  To pose a question or request a quote, click below.

 HAVE A QUESTION?REQUEST A QUOTE

Cyber Liability  Guide 

Subscribe Blog

Subscribe Here!

Recent Posts

Posts by Tag

See all

Get a Quote

We are local insurance experts serving the South Shore for over 70 years.
Click below to get a free quote for your personal or business insurance.