Discuss Home · Bootstrapped Podcast · Scribbleton Personal Wiki · HelpSpot Customer Service Software · Thermostat NPS

E&O Insurance Policy


#1

In my quest to figure out business insurance, I’m starting to look at bit more closely at the actual contracts. Here’s an E&O one:
http://insurance.aon.co.uk/~/media/aon-insurance/files/pdf/psg/it%20professionals/policy-summary.ashx

I thought it might be interesting for us to dissect this a little bit together and maybe generate some questions about it. Obviously we’re not lawyers and this is just our opinion - but I’ve already been starting to generate a lot of ideas about what’s covered and what’s not covered, and I think that might be useful to someone researching this in the future.

Here are a few things I’m starting to wonder. I’ll also update these with answers as I hear back on them.

The way the insurance period works, if a claim arises based on activity prior to the period, would that be covered? So for example, let’s say someone sues you for advice that you gave them in 2013, but your policy didn’t start until 2014. Would that lawsuit be covered?

Exclusion #36 - Programming Errors Exclusion - this seems to be saying that any computer programming error is excluded from coverage. That can’t be right.

Exclusion #35 - PCI implementation - this seems to be excluding anything related to PCI compliance? Kind of an issue with anything ecommerce-facing.


#2

Here’s another interesting one:

Exclusion #41 - Unsolicited communications
notwithstanding part a) of the antitrust EXCLUSION, arising directly or indirectly from any actual or alleged violation of:
a) the CAN-SPAM Act of 2003 or any subsequent amendments
to that Act; or
b) the Telephone Consumer Protection Act (TCPA) of 1991 or
any subsequent amendments to that Act; or
c) any other law, regulation or statute relating to unsolicited
communication, distribution, sending or transmitting of any communication via telephone or any other electronic or telecommunications device.

Obviously my product doesn’t do spam and I’ve checked to make sure that things like abandoned cart emails are legal (although IANAL).

But I have heard of cases in other countries (Germany for example), where someone might be fined for anything that isn’t strictly double opt-in. It sounds like this is saying that you wouldn’t be covered in that case.