If you own a business, you hold many different policy types, but sometimes distinguishing between the different policies, and understanding which events would be covered under each policy type can be confusing. As a starting point, it’s worth understanding the intention behind the various insurance types, and who may require them. Below, we break down 2 policy types – Professional Indemnity and Cyber Insurance and examine how they differ….

Professional Indemnity Insurance (PI) is designed specifically for businesses who provide professional services or advice. It is intended to help cover you and your business in the event a client alleges your professional negligence or breach of duty while you provided your professional service or advice caused them damage, injury, or a financial loss. PI may help cover the legal fees you incur in defending a claim or investigation costs of a claim that is covered by your PI policy, as well as compensation you might be required to pay. The policy may respond to allegations relating to your professional service or advice; however, it is important to keep in mind, a key requirement for potential cover to be provided under a PI policy is that the allegation must be an insured professional service stated on your policy schedule. For example, if your PI policy covers you for Occupational Therapy, but you add a service that is not within scope of practice for an Occupational Therapist, then it’s possible your policy may not respond to the claim.

Examples of claims which may arise under Professional Indemnity for health professionals include allegations of unprofessional conduct, service complaints, breach of confidentiality, and error or omission in the advice provided. Like most insurance policies, PI policies will have some exclusions in place which may impact cover. Consultation with your broker can ensure you receive the most appropriate coverage for your business.

Cyber insurance is designed to help cover your business’ financial loss if it falls victim to cyber event. It can help cover a wide range of cyber related risks, and risks relating to information technology infrastructure. Cyber related risks may include, unauthorised system access, electronic attacks or privacy breaches, hacking and phishing attacks, malware infection (including spyware or Ransomware) and computer virus.

A claim under cyber insurance may cover several costs, liabilities and losses associated with the cyber incident in question. Firstly, if you suffer an attack, it’s likely you and your business will incur costs at your own expense because of the event, these may include costs to obtain advice and support; costs to identify the source and scope of the attack; restore your systems; recover your data and notify victims of privacy breaches. While these examples are not exhaustive these costs are known as ‘first party losses.’.

If your business experiences a cyber-attack, it may also cause financial loss to the third parties you deal with, such as clients and/or suppliers. For example, if you transmit a computer virus to a third party or disclose confidential information, that third party may suffer their own losses.Cyber Insurance may help cover your liability for these costs, this is called ‘third party liability’.

Following a cyber-attack, it can be tricky to work out what your next steps should be to minimise damage, so another important feature that may be included under Cyber Insurance is access to an incident response specialist. An incident response specialist role is to help coordinate the steps your business may need to take to recover from the cyber incident. Examples of actions that can be taken are:

• a forensic investigation of your computer systems
• obtaining legal advice
• responding to regulators if needed (for example if there has been a privacy breach)
• public relations support to help minimise reputational damage
• costs to secure your computer systems against a future cyber attack

Not all businesses require PI Insurance, for example, a business that is not involved in providing a professional advice or service is unlikely to require PI. Cyber Insurance on the other hand is likely to be applicable to all businesses that have a digital footprint, such a website or if it stores personal data. Professional Indemnity Insurance is unlikely to cover cyber events.

Cyber insurance cover can vary between policies so when considering Cyber Insurance options, it’s important to carefully review the potential cyber risks that your business faces, along with the potential loss you could suffer following a cyber-attack when deciding which cover option to select.

If you have further questions on the intention of an insurance policy your considering, speaking with your Broker may assist to help clarify the intention of the policy coverage and if it’s a policy which your business should consider.