Three reasons E&O insurance is a must-have for tech companies

Incorporating the right technology into business operations can help streamline processes, enhance connectivity, and create better experiences for end users. But the same tech that creates these efficiencies can also pose new risks to the tech companies that develop them. Members of the Liberty Mutual Global Risk Solutions (GRS) middle market and cyber teams share three reasons why firms providing hardware, software, and services are often vulnerable to risks other companies might not face — and how errors and omissions insurance (also called E&O) can help protect them from losses.

When it comes to insurance, third-party financial loss is not treated the same way as third-party bodily injury or property damage. For instance, traditional property and casualty (P&C) insurance often covers third-party claims for bodily injury or property damage when a product fails. But what if the product is software, and a software malfunction leads to third-party financial loss rather than harm to people or property?

“Many tech firms, especially software producers, do not provide tangible products,” says Matt Henry, senior underwriting officer for technology at Liberty Mutual GRS. “When their software doesn’t work, it doesn’t allow their customers to operate — and that sort of loss isn’t covered by traditional P&C insurance.” Tech E&O insurance provides coverage for financial injury arising out of these types of contingencies.

Imagine a scenario where a software company created a healthcare app that allows medical staff to collect patient data. As a nurse is using the app, it glitches and doesn’t save the patient’s information; as a result, the patient receives the wrong medication later on, suffering harm. This scenario could result in multiple claims: first, the patient could make a bodily injury (BI) claim against the hospital; and second, if the hospital finds a repetitive issue with that software that requires it to be replaced or discontinued, the hospital could make a claim against the software company for their financial loss incurred during the period of outage, or the time it takes to source and implement a replacement solution. In this case, the hospital’s claim would likely be an E&O claim, so both P&C and E&O insurance would be required to cover both types of claims.

“Tech firms may produce a software product that spans potential bodily injury, property damage, and financial loss,” notes Henry. “Putting your coverage with a carrier that can offer a comprehensive solution for both is a good risk-management technique.”

In this and other such examples, what would happen if the software company did not have tech E&O to help cover the loss and transfer risk? Costs could grow rapidly, impairing its ability to operate. Depending on the type and size of the claim, smaller or middle market companies without E&O coverage might even find themselves facing bankruptcy.

Contract disputes between a tech company and its customers (like the hospital in the previous example) are common claims drivers for tech firms. Knowing about potential problems ahead of time, and proactively vetting your contracts, can help protect the firm later. Here are some common ways that contracts can put tech companies at risk. 

When it comes to accepting contracts with large companies or organizations, many small or midsize tech firms feel they don’t have the leverage to negotiate. To preserve these asymmetric relationships, they might accept contracts without fully vetting them, leading to ambiguous terms. Later, they may struggle to meet ambiguous milestones or fulfill ambiguous conditions. Tech E&O insurance can help with claims in this situation in two ways: it might cover legal defense if the tech firm is sued, and it assigns an experienced claims manager to evaluate the situation and help you understand it and what is covered. But it’s not a magic wand to wave away a disadvantageous contract, which is why vetting contracts is so important.

Due to their complexity, software solutions can be difficult, costly, and time consuming to implement. A mismatch of client expectations and the complexity of software integration can lead to problems. “Software is very complex,” notes Mark Kurland, executive underwriting officer for middle market multi-industry/technology at Liberty Mutual GRS. “Often, the customer might not fully understand how it ultimately works. And because they don’t understand it, they may have unreasonable expectations.” This creates ample opportunities for misunderstandings and dissatisfaction with supposed failures to provide efficiencies or hit arbitrary marks. Indeed, this disconnect between expectations and reality can lead unhappy customers to allege that the software company has breached the contract. For this reason, it is important to make sure that all milestones and deliverables are properly outlined in the contract.

Tech companies may perform services for years without a problem, but between contract amendments and additional work commitments, something can go wrong that suddenly makes a client unhappy. “This can happen,” says Brian Ross, senior underwriting officer for financial lines at Liberty Mutual GRS. “One day your client comes to you for whatever reason and says, ‘I’m not happy. I’m not paying this invoice.’ Then, when the insured (the tech company) sues for nonpayment of fees, you’ll see a breach of contract claim by the client saying you didn’t perform.” The insurer may then have to step in to investigate, followed by litigation in the courts — an expensive process that can take years.

New or non-defined uses of technology can also lead to errors, malfunctions, and claims. One recent example involves video conferencing. “During the pandemic everyone was switching to remote work, and a lot of employees began using video-conferencing apps,” explains Elisabeth Case, global product manager for cyber at Liberty Mutual GRS. “There were examples of uninvited people crashing other people’s calls, which brought new risk to the tech company. Don’t forget that the tech you created for a specific thing may be used differently than was intended. And does the use of your technology change your risk? Yes, it absolutely could.”

The most convincing argument to add tech E&O coverage might be that, increasingly, it’s required by customers — and failing to have this type of insurance could mean losing out on bids. “Often, E&O is going to be required in a contract in order to win a customer,” explains Kurland. “And if the coverage ever gets triggered, it acts as a risk transfer mechanism where the insurance carrier defends against the claim and covers related costs, which can be significant.”

In the broadest sense, there is an aspect of cyber risk in any activity that a tech firm will undertake. Like any other company, tech firms can be hacked — and the effects can trickle down to their customers, producing liability. On top of the IT security measures that every company should be taking in today’s heightened cyber risk environment, software companies should also carefully consider the security of the tools they are developing. Many of the software solutions being offered today are cloud based, which puts firms in the position of housing a large amount of client data. In these conditions, a data breach or security issue can cause a breach or issue for your downstream clients as well.

Just as a combination of E&O and P&C coverage offers dual protection for bodily injury and financial loss, E&O and cyber insurance products are both key for tech firms in this case. To achieve full protection, tech firms will need solutions that cover all these various losses.

In an environment of financial losses and complex customer engagements, partnering with your insurer is one of the best strategies for developing a complete solution that will cover all potential scenarios. Working with the same carrier for tech E&O and cyber, for example, can help ensure gap-free coverage regarding limits, terms, and conditions.

Be sure to ask your provider what other services and resources are available to help you proactively manage your risk.

For example, Case says, “Liberty Mutual’s cyber offering comes with risk-management tools such as an online portal and hotline.” This includes access to resources to build cyber resiliency and engage with experts if things go wrong, a cyber risk scorecard, employee training, and a phishing simulation to find and fix vulnerabilities.

Finally, tech firms need to pay close attention to contracts and, when necessary, seek advice from legal counsel. Even — or especially — when the potential client is a large firm, due diligence is fundamental. The key is to be thoughtful and not simply say “yes” to contracts, however tempting. All contracts should define how the technology in question will be used, what “success” means, and which risks each party will be assuming.

Tech Insure, Liberty Mutual’s technology professional liability solution, is designed to help protect technology companies against claims for errors, omissions, and other wrongful acts arising from the services they provide. In a field where exposures can cut across different lines, Tech Insure protects against both professional and cyber liability exposures — all in one convenient policy. Learn more about Tech Insure here. Learn more about our cyber liability solutions here.