In response to a question we’re regularly asked by prospective customers, we decided to write an article briefly discussing the differences between cyber liability insurance and technology errors and omissions insurance while also explaining why these two different policies should be combined. We’ve written multiple times about each of these types of policies separately, but understanding how they work together will ensure your company is not only getting the most from each type of insurance but that there aren’t any critical gaps in protection.
As we’ve talked about in the past, errors and omissions insurance is to service-based businesses what product liability insurance is to companies selling tangible goods. If you are a technology-based business or a technology-enabled business, chances are you will be looking to purchase a technology errors and omissions (tech E&O) policy to protect your company in the vent that one of your tech-based services fails just like a business selling physical goods would purchase a product liability policy to respond in the event that one of its products fails. For companies who develop or license software including SaaS startups, the insurance industry considers software a service and not a product so you’ll fall within this bucket and should always have tech E&O in place. Critically, there is one key risk nearly every technology company faces that an errors and omissions policy will not respond to: the loss of private third-party information.
What About Data Breaches?
In today’s digital age, virtually all companies store and access personally identifiable information about third-parties. From customer email lists to payment information, data has become an integral part of running a company. This holds especially true for tech companies putting them at the greatest risk for having third-party information exposed, lost, or stolen. And, the exposure that comes along with having access to or storing this kind of data is not protected by a pure technology errors and omissions insurance policy. This is where cyber liability insurance comes into play. Cyber liability policies are specifically designed to cover the costs associated with a breach of third-party data in the event the data is lost or stolen. This, in itself, is the primary difference between tech E&O insurance and cyber insurance. In summary, technology E&O responds to the failure of a service or software and cyber responds to the loss of private third-party private information.
bookmark_border Free Resource
Package, Package, Package!
Finally, what happens if a company’s technology or software service fails as and as a result, data on third-parties is exposed? While a pure tech errors and omissions policy would respond to the service failure, the data breach would be explicitly excluded. More importantly, while a standalone cyber liability policy is designed to cover data breaches, this particular breach would be excluded from coverage by a pure cyber policy because it was caused by a service failure. This is exactly why companies should package their tech E&O with their cyber liability insurance which allows the two policies to share coverage triggers and respond to any situation that involves both a services failure and a data breach.
At Layr, we are experts at navigating the complex insurance landscape and have a deep understanding of the insurance nuances faced by today’s technology companies and startups. This article is but one example of how important it is that insurance policies be placed properly and why working with an experienced and knowledgeable insurance broker can make all the difference in the world.