Q: How should I invest in insurance for my startup? What types of insurance do I need? What can I expect from the claim process?
A: A full risk assessment of your company’s developing business requires an audit of your potential liabilities. However, as a general rule for startups, the following five forms of insurance coverages should be considered: Comprehensive General Liability (CGL) Insurance; Directors and Officers Liability (D&O) Insurance; Cyber/Media (Cyber) Insurance; First-Party Property Insurance; and, Employment Liability
Since insurance companies do not like to part with the premiums they have collected, certain exclusions in these policies and common attempts to bar coverage should be kept in mind.
1. Comprehensive General Liability Insurance
CGL insurance protects the company’s assets when a claim is brought for alleged third-party bodily injury, property damage, personal property or advertising injury. The most valuable part of this type of insurance is its requirement that the insurance company provide a defense for your company when such claims are brought and that they pay your defense costs. A defense must be provided even when there is only a potential for indemnity coverage. To ensure the best defense, if possible, you should try to make sure you either have a say or have the right to choose counsel to defend your company.
CGL policies contain an ever-expanding list of exclusions and conditions that are designed to prevent coverage. These must be kept in mind when considering whether to make a claim. First, insurance policies usually require notice of a claim or loss due to alleged bodily injury, property damage, advertising or personal property damage caused by your company “as soon as practicable.” The law across the country varies widely as to what that means. However, if notice is given “late,” which could be simply a few weeks or less, no coverage may be available. That’s right: you will not have any coverage whatsoever. So don’t sit around and think about it, give notice. You can always withdraw the notice if the matter fails to develop.
Most CGL policies these days have specific exclusions for third-party claims of damage due to patent infringement and other forms of intellectual property. Similarly, almost all CGL policies now carry specific exclusions for cyber-based data losses, such as liability for the loss of intellectual property (yours or a third party’s), personally identifiable information like credit card numbers, other financial information and the like.
Since most service contracts require that a company have at least $l million in CGL coverage, even if you think you can get away without it, you will have to purchase it anyway.
2. Directors and Officers Liability Insurance
To help grow the company, it is always a good idea to have well-known individuals in your industry as members of your board or in your stable of officers. These individuals will insist that they be protected from litigation concerning their business decisions. This is where D&O coverage comes in. D&O policies protect officers and directors from claims alleging that they made wrongful business decisions that negatively impacted the value of the company, the value of the stock or diluted the company assets, etc. This is often called Side ‘A’ coverage. Like CGL insurance, the most valuable aspect of D&O insurance is that it requires the insurance company to either defend each officer or director or advance the costs of such defense. A company can also purchase what is called Side ‘B’ coverage that protects the company itself from such claims, and even other add-on coverages. But, with limited budgets, Side ‘A” coverage is essential.
Like CGL policies, a key to preserving this coverage is to provide timely notice. Moreover, this type of coverage is written on a “Claims made” basis. This requires that if a claim is made against a director or officer, even if it is for wrongful acts that took place some time ago, that claim must be reported to the insurance company during the policy period or the extended “Discovery” period, if purchased. Again, failure to do this will result in the insurance company trying to bar coverage altogether. As in the case of CGL coverage, you should strive to have the greatest choice of counsel to defend your company in such cases.
3. Cyber/Media Insurance
Recent surveys of top executives now indicate that cyber attacks, hacks, malware, loss of personally identifiable information and intellectual property are at the top of their list of concerns. The Target, Sony and Anthem Blue Cross/Blue Shield hacking incidents are just some of the most celebrated examples. Thousands of hacks have taken place costing hundreds of millions of dollars and the problem is getting worse, not better. New concerns have been raised that systems connected to the internet can and will be manipulated by unscrupulous hackers that will or already have placed malware on those systems. Cyber insurance was designed to address many of these issues. Currently, there are over 40 companies that are selling some form of Cyber, or sometimes called Media, policies. Although the need for such insurance is clear, there is no standard Cyber policy form and each of the competing companies’ policies contain untried provisions, terms and definitions that have not yet reached the courts for decision.
For companies that use the cloud or provide such services, have valuable intellectual property to protect or house others’ intellectual property, or have developed hardware that is connected to the Internet, this type of coverage could be very important. As noted, however, since these policies are not “standard form,” it is essential that companies considering the purchase of such coverage include security and privacy experts and coverage attorneys in the process.
Cyber insurers are beginning to resist claims from companies that they believe have not instituted “industry standard” programs to secure their systems and data. With Federal and state governments, as well as foreign governments, enacting regulations and proposed “best practices,” Cyber insurance has become even more important. Consulting with Cyber insurance experts is therefore essential. We have a team that provides such audits for a minimal cost.
Potential Cyber insurance policy issues include notice, definitions of what is covered, choice of law and jurisdiction, and choice of forum. As with other insurance coverages, since the law varies on a state-by-state basis, a requirement to litigate or arbitrate under the law of a state that is not favorable to policyholders is problematic. Conditions regarding who must have known about a hack and how quickly that hack must be discovered and noticed to the public or those impacted are also issues that are in development.
4. First-Party Property Insurance
This type of insurance provides coverage for physical damage to your company’s property. The best form of this coverage is called “All Risk” coverage. Such “All Risk” coverage provides protection for all forms of damage to your buildings and equipment that is not specifically excluded. For companies with significant infrastructure, such insurance, which includes traditional fire insurance, is particularly important. For those in the tech industry, for example, although Cyber insurance may cover loss or destruction of the data, unless an endorsement is added, one needs First-Party Property insurance to protect against damage to the servers themselves. Moreover, one can often add coverage to such policies for Business Interruption losses due to the down time involved in replacing or fixing the equipment and getting back to full operations.
First-Party Property insurance claims issues include determining the “cause” of the damage or destruction, the costs of repair, replacement and whether business was lost as a result. Exclusions in these policies include, among other things, damage or loss of your property due to machinery breakdown, wear and tear, and design defects. Although one of the more important advantages of this form of coverage is to provide your company with payments from the insurance company as you are paying for the repairs, etc., often insurance companies will drag their feet by taking the position that they are not sure about ultimate coverage because a full investigation has not been completed. Coverage counsel may be needed here to move interim payments along.
5. Employment Liability Insurance
This type of insurance is sometimes paired with Workers Compensation Insurance or D&O insurance. This insurance may be particularly helpful for companies that employ highly skilled and highly sought after technology and skilled labor employees. The key advantage is when a dispute develops with a highly trained or paid employee who claims he or she has been discriminated against because of their gender, nationality, ethnic, race or sexual orientation or even age. Such claims can be expensive to litigate and settle.
The benefit of this type of insurance is that the insurance company must provide a defense or pay for the company’s costs of defense. The issues that develop often focus on the particular facts of the dispute and whether the actions involved are ultimately indemnified under the policy.
Insurance is a necessary evil in this modern global economy. Nevertheless, simply because your staff is able to tell the board “We have insurance” does not mean it is the appropriate insurance for your company or that it is being utilized properly. It is important to view insurance as an asset and, like another other company asset, certain actions are required to maximize it.
 Other insurances like Workers Compensation Insurance must also be purchased based on state regulations and, for example, government contracts regulations.
As startup lawyers, we often receive inquiries from passionate entrepreneurs and founders seeking guidance on when they should consider taking their side projects to the next step by forming a legal entity. Forming a company is a “crossing the Rubicon” moment for any startup. It’s an essential step…
Given this week’s headlines, many emerging companies may be asking themselves: “Why am I holding so much cash?” The Investment Company Act of 1940 (the 1940 Act) may be to blame. “But I don’t have any intention of being an investment company. Aren’t those mutual funds or…
In the three days since federal authorities announced sweeping measures to protect depositors of Silicon Valley Bank (SVB) and Signature Bank and help prevent additional bank failures (as discussed in our update of March 12, 2023), the U.S. banking system appears to have stabilized, at least temporarily.…