How MSPs Can Avoid Uncovered Claims
Why MSP’s Should Align the Indemnity Section of the MSA with the Wrongful Act Definition in the Insurance Policy
When entering into an IT services contract, it’s important to make sure that the indemnity provision in the contract aligns with the definition of a wrongful act in a professional liability insurance policy. This alignment can help to ensure that the parties are properly protected in the event of a claim and that any damages that may arise are covered by the insurance policy.
The indemnity provision in an IT services contract is typically a clause that requires one party to compensate the other for any losses or damages that may arise as a result of a breach of the contract. This provision may be reciprocal, meaning that both parties are required to indemnify each other, or it may be one-sided, meaning that only one party is required to indemnify the other.
Here is a sample indemnity provision from a Master Services Agreement for a Managed Service Provider:
Client shall defend, indemnify, and hold Provider harmless against all costs and expenses, including reasonable attorney’s fees, associated with the defense or settlement of any claim that:
• Provider’s use, access, or modifications of any software that Client has requested that Provider use, access, or modify as part of the Services infringes any patent, copyright, trademark, trade secret, or other intellectual property right;
• Any claim related to software licensing and software licensing compliance; or
• Any claim related to any federal, state, or international law or regulation involving data privacy, data protection, or data breach to which Client is subject.
Client shall pay any judgments or settlements based on any such claims.
Subject to the limitation of liability set forth in the section titled LIMITATION OF LIABILITY, Provider agrees to indemnify and hold Client harmless from and against all loss, liability, and expense including reasonable attorney’s fees caused by Provider’s:
• negligent act, error, omission, or misrepresentation;
• breach of any contractual term implied by law;
• other act, error, or omission giving rise to civil liability arising out of business activities performed for Client.
The definition of a wrongful act in a professional liability insurance policy is typically a definition of the types of acts that are covered by the policy. For example, a policy may define a wrongful act as any act, error, or omission that is committed by the insured in the performance of professional services.
It is important to carefully review the definitions in the insurance policy because it may only include coverage for a “media wrongful act,” which may be defined as “plagiarism, copyright infringement, defamation,” or other acts that do not include data privacy breach or other technology-related failures or intrusions. If your liability coverage does not include or define wrongful acts for professional services, data privacy, or cybercrimes, then it is advisable to shop around for a policy that does.
When aligning the indemnity provision in an IT services contract with the definition of a wrongful act in a professional liability insurance policy, it’s important to ensure that the language in the contract and the policy are consistent. For example, if the definition of a wrongful act in the policy requires that the act be committed in the performance of professional services, the indemnity provision in the contract should also use this language. This can help to ensure that any damages that arise as a result of professional services are covered by the insurance policy.
Sometimes the insurance carrier defines “professional services wrongful act” as “…the following when actually or allegedly committed by you, a rogue employee, or on your behalf:
• an error, unintentional omission, or negligent act in your performance of enterprise services;”
If the carrier specifies coverage for this wrongful act as only in your performance of enterprise services, then it is also advised that the Master Services agreement tailor the language in the indemnification provision to reflect the defined insurance coverage.
It’s also important to consider the scope of the indemnity provision in the contract. The indemnity provision of the MSP’s customer contract should be written so that it is as broad as the coverage provided in the insurance but no broader. This approach reduces the risk that the MSP will be responsible for uncovered claims.
In conclusion, aligning the indemnity provision in an IT services contract with the definition of a wrongful act in a professional liability insurance policy is important for ensuring that the parties are properly protected in the event of a claim. Careful consideration of the language used in both the contract and the policy, and ensuring that the scope of the indemnity provision is sufficient, can help to ensure that any damages that may arise are covered by the insurance policy.