More and more umbrella insurers are resisting adding any type of errors and
omissions (E&O) or professional liability insurance into their policies. As
that happens, more companies are forced to reevaluate whether they need E&O
coverage. And if they do, they likely will be forced to buy such coverage on
a stand-alone basis, at least as it pertains to Technology Errors & Omissions
insurance, or “Tech E&O” for short.
What are the most commonly asked questions by many risk managers about Tech
E&O insurance? What is it? Why do I need it? How does it work? The purpose of
this article is to try to answer these questions for risk managers, to provide
a sort of high-level primer on Tech E&O insurance.
Tech E&O Insurance—What Is It? How Does It Work?
Tech E&O insurance is intended to cover two basic risks : (1) financial loss
of a third party arising from failure of the insured’s product to perform as
intended or expected, and (2) financial loss of a third party arising from an
act, error, or omission committed in the course of the insured’s performance
of services for another.1
Consider a product failure loss example. The insured sells component parts
to a computer manufacturer. The components are installed in the computer manufacturer’s
products. The component parts are supposed to perform a certain function, and
if they don’t, the computer manufacturer’s product doesn’t work (either at all,
or just not as well as it was supposed to work). Six months after the computer
manufacturer’s products are in the market, the insured’s component parts stop
working.
The component parts don’t explode or otherwise break, so they don’t cause
any physical damage to other parts of the manufacturer’s product. They simply
just stop working or working as intended, rendering the manufacturer’s product
totally useless or less useful. The manufacturer now has to recall its products
to replace the faulty component, and has claims against it brought by the purchasers
of the product, and perhaps others as well—all who suffer financial loss because
of the product failure. The computer manufacturer makes a claim against the
insured for all the damages at issue. The foregoing is a product failure example.
(It should be noted that most Tech E&O policies exclude product recall, but
the better ones except from such exclusion the damages for loss of use of the
failed product.)
Now consider an error or omission loss example. The insured is hired to create
a computer system or network for a customer, where the system or network is
supposed to be able to perform certain functions, like process various transactions
being called in from all around the country, or analyze data from sales information
to draw certain conclusions on which the customer can act when implementing
marketing strategies, strategic directions, etc. The list can go on and on.
(Interestingly, when a tech company uses its own products in building such a
system or network or other “solution,” it faces both product failure risk and
error or omission risk.)
However, once the insured finishes putting the system or network in place,
it turns out that it just doesn’t work. It doesn’t draw any conclusions from
the data analysis. It can’t process the transactions like it was supposed to,
or not fast enough in order to make the system viable. The customer now is in
a bad situation. It just paid for something useless, and is suffering financial
loss (lost revenue, increased expenses, etc.) because it doesn’t have use of
the system that it fully expected to have in place. The foregoing is an error
or omission example.
Why Do I Need Tech E&O Insurance?
In my experience, there often are two sources of this question. One is the
risk manager’s mistaken belief that Tech E&O risks are already covered by the
insured’s commercial general liability (CGL) insurance. The other is the risk
manager’s lack of knowledge of whether any of the activities carried out by
his or her company fall within Tech E&O activities or otherwise create Tech
E&O risk.
Isn't My CGL Policy Sufficient?
Let’s take the first issue. It is true that CGL insurance can cover some
of the risks associated with product failure. For example, if the insured’s
product fails and causes physical damage to tangible property (i.e., the first
prong of the “property damage” definition in a typical CGL policy) other than
to the insured’s product, a CGL policy should respond. (It should be noted that in such situations, a Tech E&O policy
typically does not respond, because such
policies have a “property damage” exclusion.)
However, what happens if the product failure does not cause such physical
injury, but just renders tangible property useless or less useful (i.e., the
second prong of the “property damage” definition in a typical CGL policy: “loss
of use of tangible property that has not been physically injured or destroyed”)?
You might be able to run that through a CGL policy, but there are a couple of
exclusions that cause problems, one of which is called the “impaired property”
exclusion. That exclusion purports to bar coverage when tangible property is
rendered useless or less useful because it incorporates the insured’s product
or work and that product or work fails. Depending on a number of facts, this
exclusion can bar coverage for such a claim. But a Tech E&O policy should be
able to respond to such a claim.
These are some of the reasons why Tech E&O insurance is needed. It covers
product failure claims where CGL insurance does not. Indeed, some commentators
such as myself describe the interplay between CGL and Tech E&O insurance as
providing “hand-in-glove” insurance protection; while there might be some overlap
in coverage, as far as product failure goes, there should not be any gaps between
the coverage. If the CGL doesn’t respond because there is no physical damage
and/or the “impaired property” exclusion applies, the Tech E&O should respond.
If there is physical damage, then the CGL policy should respond (because of
the “property damage” definition therein), but the Tech E&O policy should not
(because of the “property damage” exclusion therein).
Do I Even Have Tech E&O Risk?
The other issue that leads to the question of why a company needs Tech E&O
insurance is the risk manager’s lack of understanding whether his or her company
actually has Tech E&O risk. Increasingly, I have witnessed what I call a “convergence
of risk profiles” among historically different types of companies that presented
markedly different risk profiles.
For example, I know of media companies and non-tech manufacturing companies
that have Tech E&O exposure (and, interestingly, companies that have media liability
exposure). Historically, media companies and non-tech manufacturing companies
simply did not need Tech E&O insurance, but as society has increasingly moved
into the computer age, and especially with the emergence of e-commerce, more
and more of these companies face Tech E&O exposure. That is because either at
the top level of the company or somewhere down the line in one of the company’s
subsidiaries, the company is providing tech products and/or services to others.
The only way a risk manager of a non-tech company can know whether his or
her company faces Tech E&O risk is to conduct a risk assessment of the company’s
activities, typically by interviewing various company personnel to get an accurate
description of what, if any, tech products or services are being provided to
others. And, importantly, just mere e-commerce activities, such as business-to-business
(B2B) and business-to-consumer (B2C) activities, expose a company to Tech E&O
risk. If a company has such exposures, they need to seriously consider purchasing
a properly structured Tech E&O insurance program.2
Concluding Remarks
So, those are the basics of Tech E&O insurance. If you are a risk manager
who decides you have Tech E&O exposure, you should seriously consider buying
Tech E&O insurance if your umbrella insurers have excluded all E&O coverage.
Losses in this area, depending on a number of factors, have reached in the tens
of millions of dollars. This is not a risk
that you want to leave uninsured.