7 Potential Breach-of-contract Red Flags

Valynda Murphy
Insurance Experts' Forum, December 19, 2013

Technology companies can be charged with breach of contract for any number of reasons and at any time during the life of a project. However, historical claim activity suggests certain activities, decisions and situations are more prone to land IT providers in hot water. Understanding these red-flag areas can make you a more valuable partner in helping your IT clients avoid and manage the potential risks they face.

It seems logical to assume most breach of contract (BOC) claims against IT companies would be made after projects go live and don't live up to clients' expectations. In reality, the vast majority of claims are made before the acceptance stage, when projects are being scoped, developed, implemented and tested. That's important to know because some insurance policies don't protect IT companies against claims made before acceptance.

Why do so many IT projects go awry and result in BOC claims? Here some of the red flags:

  1. IT companies may set overly ambitious timeframes or oversell their qualifications to get contracts, especially with untested or not-yet-attempted technologies. When this happens, it usually becomes apparent early on. If there's an obvious mismatch in size and capabilities between an IT company and its client, the BOC risk will be higher.
  2. Hiring additional staff to help with large projects can be as risky as not having enough resources. In the rush to get started, IT companies might be tempted to take shortcuts in vetting and training talent, which could lead to problems later on.
  3. IT company clients may oversimplify their needs, not have a clear understanding of the project scope or not be adequately engaged. That's why it's important to have robust documentation, signoff and quality control procedures in place — especially when there are midstream changes involving time, scope or money.
  4. Third-party involvement is another concern because it can make your IT clients liable for the shortcomings of its subcontractors. For example, if an IT company hires a cloud service provider for a project, and that provider is victimized by a cyber attack, the IT company could be sued by its customer. That's why it's critical for IT companies to have both first- and third-party BOC coverage.
  5. The higher the sensitivity of the information being processed, the greater the risk. If the IT customer is a hospital and it is fined for Health Insurance Portability and Accountability Act violations, you can bet that hospital will seek remuneration from its IT provider.
  6. Similarly, the more critical information is to helping a company achieve its mission, the more likely the IT provider will be targeted if problems arise. Issues with a metrics system may be tolerated and addressed without consequences, but if an e-commerce company's website crashes, the ramifications could be severe.
  7. If the end user of the product or service is the general public, the risk increases simply because of the number of people who may be affected by problems and the increased likelihood of class action lawsuits. The risk multiplies if property damage or bodily injury could result from failures linked to the IT provider.

The best IT risks are those companies whose size and capabilities are suited to the projects and clients they accept. Of course, small providers can't become big providers unless they stretch their abilities and tackle more complex challenges. When this happens, it's important those IT firms are protected by appropriate coverages backed by companies with people who have the technical knowledge to mitigate risks and navigate around contractual challenges.

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

Data Governance in Insurance Carriers

As the insurance industry moves into a more data-centric world, data governance becomes more critical for ensuring the data is consistent, reliable and usable for analysis.

Fear This

Just days before this Issue, which contains our security cover story, went to press, we got some interesting news: 1.2 billion unique usernames and passwords and 542 million email addresses were reportedly stolen from 420,000 websites, according to The New York Times. The websites ranged from Fortune 500 companies down to small online retailers.

Should You Back Up Enterprise Data to the Cloud?

Six questions that need to be asked before signing on with an outside service.

Modernizing Information Management

While better reporting and actuarial analysis help to support financial decisions, improved analytics and decision making greatly assist the rest of the organization.

5 Strategies to Change the Game

Allstate's director of technology and operations says disruptive innovation has the power to completely change industries — ours included.

Strategic Planning: Here and Now

Insurers’ annual strategic planning efforts can benefit from an infusion of tactical reality.