7 Potential Breach-of-contract Red Flags

Valynda Murphy
Insurance Experts' Forum, December 19, 2013

Technology companies can be charged with breach of contract for any number of reasons and at any time during the life of a project. However, historical claim activity suggests certain activities, decisions and situations are more prone to land IT providers in hot water. Understanding these red-flag areas can make you a more valuable partner in helping your IT clients avoid and manage the potential risks they face.

It seems logical to assume most breach of contract (BOC) claims against IT companies would be made after projects go live and don't live up to clients' expectations. In reality, the vast majority of claims are made before the acceptance stage, when projects are being scoped, developed, implemented and tested. That's important to know because some insurance policies don't protect IT companies against claims made before acceptance.

Why do so many IT projects go awry and result in BOC claims? Here some of the red flags:

  1. IT companies may set overly ambitious timeframes or oversell their qualifications to get contracts, especially with untested or not-yet-attempted technologies. When this happens, it usually becomes apparent early on. If there's an obvious mismatch in size and capabilities between an IT company and its client, the BOC risk will be higher.
  2. Hiring additional staff to help with large projects can be as risky as not having enough resources. In the rush to get started, IT companies might be tempted to take shortcuts in vetting and training talent, which could lead to problems later on.
  3. IT company clients may oversimplify their needs, not have a clear understanding of the project scope or not be adequately engaged. That's why it's important to have robust documentation, signoff and quality control procedures in place — especially when there are midstream changes involving time, scope or money.
  4. Third-party involvement is another concern because it can make your IT clients liable for the shortcomings of its subcontractors. For example, if an IT company hires a cloud service provider for a project, and that provider is victimized by a cyber attack, the IT company could be sued by its customer. That's why it's critical for IT companies to have both first- and third-party BOC coverage.
  5. The higher the sensitivity of the information being processed, the greater the risk. If the IT customer is a hospital and it is fined for Health Insurance Portability and Accountability Act violations, you can bet that hospital will seek remuneration from its IT provider.
  6. Similarly, the more critical information is to helping a company achieve its mission, the more likely the IT provider will be targeted if problems arise. Issues with a metrics system may be tolerated and addressed without consequences, but if an e-commerce company's website crashes, the ramifications could be severe.
  7. If the end user of the product or service is the general public, the risk increases simply because of the number of people who may be affected by problems and the increased likelihood of class action lawsuits. The risk multiplies if property damage or bodily injury could result from failures linked to the IT provider.

The best IT risks are those companies whose size and capabilities are suited to the projects and clients they accept. Of course, small providers can't become big providers unless they stretch their abilities and tackle more complex challenges. When this happens, it's important those IT firms are protected by appropriate coverages backed by companies with people who have the technical knowledge to mitigate risks and navigate around contractual challenges.

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

To Quantify or Not — That is the Question with Modernization

Making the quantitative case is a long-practiced ritual in many insurance organizations.

3 Reasons DevOps Matters

Every insurer needs to compete on products and information turned around in light-speed fashion.

Coordinate Coverages to Manage Social Media Exposures

The bottom line is that no one policy will cover all the exposures in the social media realm.

The Internet of Things: Helping Insurers Make Better-Informed Decisions about Risk

The IoT is a major game changer for the insurance industry, and will likely affect every part of the insurance value chain. After all, insurance is data-driven, and that’s exactly what the IoT can deliver—relevant, actionable, real-time data that can provide an accurate picture of what is being—or may be—insured.

Software-Defined Everything

What does it take to virtualize all the key components in your data center?

On Thanking the Regulator … Really

The Financial Conduct Authority is demanding higher standards of consumer protection from insurers, which could lead to greater customer engagement and understanding.