From our sister company Beecher Carlson

WHAT INSURANCE TO REQUIRE

Vendors providing software, software or systems development, or hardware and consulting services.

Technology Professional Services and Products Coverage

Vendors should be required to purchase Technology Errors and Omissions covering liabilities arising from errors, omission etc in rendering computer or information technology services. The best coverage is for “all products and services of the Insured” and is specific with its inclusion for both products as well as services. Very few markets are now following this approach with most defining professional services for each company. The Beecher CyberSelect program incorporates coverage for “services performed for others by or on behalf of You in the ordinary course of Your business activities” the broad “all risks” approach

Privacy Liability Coverage

If the Vendor has access to confidential information of the client whether it be personal or commercial in nature, the policy should cover liability arising from the disclosure of confidential information whether electronic or non‐electronic. The Beecher CyberSelect Program policy provides coverage for the “The actual or suspected theft, loss, failure to protect or the unauthorized disclosure of Personally Identifiable Information or any Third Party’s information that is not available to the general public”.

Media and Content Coverage

If the services provided by the vendor involve publishing or creating of content, Media Liability coverage which includes cover “for Unauthorized use of any advertising material, or any slogan or title… infringement of copyright, title, slogan, trademark, trade name, trade dress, service mark, or service name… plagiarism or unauthorized use of a literary or artistic format, character, or performance in your covered material.  Some limited coverage may be provided under the General Liability policy for hese types of exposures but these are now mostly excluded if information is provided through a network.

Software Copyright Coverage

If the vendor is creating code for the client or integrating code with clients code, the policy should have coverage for software copyright which will provide protection in the event that any code that is provided is the subject of a claim that the vendor did not have the license to use it. This coverage will also protect against the claims arising from open source software copyright infringements from code that infringes public licenses.

Network Security Coverage

If the vendor has access to its client’s network or is connected to its clients network or has employees working inside the clients facility, coverage for network security and failures should also be requested to cover liability for unauthorized access or use of those systems.

An example request for coverage might read: Vendor shall purchase and evidence hnology Errors & Omissions (or technology professional liability coverage) insurance, including cover for collection, theft, loss or disclosure of confidential information and data, media and content rights infringement and liability, network security failure and software copyright infringement with limits of______________ (limits vary depending on size of vendor and criticality of application). I

Internet/Application Service Providers

(vendor to whom Client has outsourced functions such as web hosting)

Technology Professional Services and Products Coverage

Vendors should be required to purchase Technology Errors and Omissions covering liabilities arising from errors, omission etc as a result of the services they are providing. Where the services are prescribed in the contract a professional liability policy describing those services as the covered services may be sufficient. Beecher would recommend the broader coverage for “all products and services of the Insured” to cover unexpected events. The Beecher CyberSelect program incorporates coverage for “services performed for others by or on behalf of You in the ordinary course of Your business activities” the broad “all risks” approach.

Privacy Liability Coverage

If the Vendor has access to confidential information of the client whether it be personal or commercial in nature, the policy should cover liability arising from the disclosure of confidential information whether electronic or non‐electronic. The Beecher CyberSelect Program policy provides coverage for the “The actual or suspected theft, loss, failure to protect or the unauthorized disclosure of Personally Identifiable Information or any Third Party’s information that is not available to the general public”.

Media and Content Coverage

If the services provided by the vendor involve publishing or creating of content, Media Liability coverage which includes cover “for Unauthorized use of any advertising material, or any slogan or title… infringement of copyright, title, slogan, trademark, trade name, trade dress, service mark, or service name… plagiarism or unauthorized use of a literary or artistic format, character, or performance in your covered material. Some limited coverage may be provided under the General Liability policy for these types of exposures but these are now mostly excluded if information is provided through a network.

Software Copyright Coverage

If the vendor is creating code for the client the policy should have coverage for software copyright which will provide protection in the event that any code that is provided is the subject of a claim that the vendor did not have the license to use it. This
coverage will also protect against the claims arising from open source software copyright. It is less likely that software copyright is required for ASPS than for othertechnology vendors but it may be prudent to include the coverage in a request.

Network Security Coverage

If the vendor has access to its client’s network or is connected to its clients network or has employees working inside the clients facility, coverage for network security and failures should also be requested to cover liability for unauthorized access or use of those systems.

An example request for coverage might read: Vendor shall purchase and evidence Technology Errors & Omissions (or technology professional liability coverage) insurance, including cover for collection, loss or disclosure of electronic data, media and content rights infringement and liability, network security failure and software copyright infringement liability with limits of ___________ (limits vary depending on size of vendor and criticality of application).

Companies providing content

Media and Content Coverage

Companies providing content should be required to purchase Media Liability coverage which includes cover “for Unauthorized use of any advertising material, or any slogan or title… infringement of copyright, title, slogan, trademark, trade name, trade dress, service mark, or service name… plagiarism or unauthorized use of a literary or artistic format, character, or performance in your covered material. Some limited coverage may be provided under the General Liability policy for these types of exposures but these are now mostly excluded through professional liability exclusion.

Privacy Liability Coverage

In the event a content provider has access to confidential information of the client whether it be personal or commercial in nature, the policy should cover the disclosure of confidential information. The Beecher CyberSelect Program policy provides coverage for the “The actual or suspected theft, loss, failure to protect or the unauthorized disclosure of Personally Identifiable Information or any Third Party’s information that is not available to the general public”.

Network Security Coverage

If the content provider has access to its client’s network or is connected to its clients network or has employees working inside the clients facility, coverage for network security and failures should also be requested to cover liability for unauthorized access or use of those systems.

Broader Media coverage can be obtained for the following in addition to the coverage provided under the Beecher Vendor Insurance program can be obtained on a stand alone basis.
1. defamation including libel, slander, product disparagement or trade libel;
2. negligent or intentional infliction of emotional distress, outrage or outrageous conduct;
3. piracy and misappropriation of ideas under implied contract or other misappropriation of ideas or information;
4. unfair competition, but usually only when alleged with other claims
5. deceptive trade practices or fraud, but usually when alleged with other claims
6. conspiracy, but usually only when alleged with other claims;
7. breach of an indemnification or hold harmless agreement, but usually only when alleged with
other claims such as those referred to above;
8. negligent supervision of an employee, but usually only when alleged with other claims
9. errors or omission in content or material.

An example request for coverage might read: Vendor shall purchase and evidence Media Errors & Omissions (or Media Liability) insurance, including cover for collection loss or disclosure of data, media and content rights infringement and liability, with limits of _______________ (limits vary depending on size of vendor and criticality of application).

Partners, or affiliates connected to your network.

Network Security Liability

If Customers, Partners, affiliates or anyone else has a connection to or access to the companies coverage for privacy and network security liability can be requested.  The Beecher CyberSelect Program policy provides coverage for the “The actual or suspected theft, loss, failure to protect or the unauthorized disclosure of Personally Identifiab e Information or any Third Party’s information that is not available to the general public”.

Privacy Liability Coverage

In the event Customers, Partners, affiliates or anyone else has access to has access to confidential information whether it be personal or commercial in nature, the policy should cover the disclosure of confidential information. The Beecher CyberSelect Program policy provides coverage for the “The actual or suspected theft, loss, failure to protect or the unauthorized disclosure of Personally Identifiable Information or any Third Party’s information that is not available to the general public”..

An example request for coverage might read: Vendor shall purchase and evidence Privacy and Network Security (sometimes otherwise known as Cyber Liability) coverage providing protection against liability for (1) systems attacks (2) denial or loss of Service attacks (3) spread of malicious software code (4) unauthorized access and use of computer systems and (5) liability arising from the collection, theft, loss or disclosure of confidential data with coverage with limits of ____________. (limits vary depending on size of vendor and criticality of application).

This document is for general guidance only. For any particular transacation, companies should seek the assistance of qualified counsel. Beecher Carlson does not accept any liability for the contents of this document