The new ACA / Obamacare health insurance exchanges, which went live yesterday, provide an excellent case in point for cyber and professional liability issues that programmers should be aware of. Here’s a look at how the new health insurance marketplaces can teach all programmers a thing or two about managing cyber and professional liability.
ACA Marketplaces: A Primer for Programmers
The Affordable Care Act calls for "online marketplaces," where people can buy health insurance. In practice, these take the form of websites with various insurance information and purchasing options.
Consumers sign on to the sites, fill in their personal and financial information, and receive health insurance quotes from providers. I won't go into detail about the law or the coverage options – you can get that info from the news.
But let's look at these online marketplaces / exchanges from a different perspective: the perspective of a programmer. What liabilities do programmers have who create online marketplaces like the ones being used to sell health insurance?
Problems with Pricing: Online Marketplaces Create Professional Liabilities
One of the problems that programmers have had with the Obamacare website is pricing. Prices for healthcare are determined by geography, the level of coverage the consumer wants, and a consumer’s income. Creating a system that accurately prices insurance (and subsidies) has proven extremely complicated.
The Wall Street Journal estimates that in the days leading up to Obamacare's official start date, the marketplaces only got prices correct two-thirds of the time. In other words, they were wrong a third of the time.
The difficulties in estimating the cost of coverage is one of the professional liabilities programmers behind these websites face. Making inaccurate software or failing to deliver fully functioning software will not only upset your clients, but it can also lead to lawsuits.
Just like the ACA programmers, the work you do may be extraordinarily complicated. You may finish a custom-built program for a client only to have them yelling in your ear two weeks later when they've discovered a bug that affects their accounting.
Your professional liabilities can be covered with Errors and Omissions Insurance, which protects independent contractors and programmers from lawsuits over the quality of their work.
Handling Personal Data Exposes Tech Businesses to Cyber Risk
As an independent programmer, you probably won't be handling any projects as massive as the huge ACA healthcare marketplaces. These websites will have data from millions of users – credit card numbers, bank info, and SSNs – the key information cyber criminals are looking to acquire.
But even if your scale as different, you face the same types of liabilities. It's important to remember that all programmers are liable for their clients' cyber security. If you design an online marketplace or application for your client, you can be sued if hackers break in and steal customer data.
Sometimes, this happens at no fault of yours. Security vulnerabilities can be inherent in your coding language (e.g., Java) or an operating system. You might do nothing wrong, but cyber criminals will still find ways to hack your program. When they do, you can be held liable. (For an example of a Java security weakness, check out the article "Java Function Exposes All Bitcoin Users to Theft, Highlights Errors and Omissions Liability Issues").
To protect yourself from cyber liability lawsuits, you should consider purchasing Cyber Liability Insurance with Third Party coverage. While your Errors and Omissions Insurance covers your professional mistakes, it doesn't pay for lawsuits over hacks. You'll need Cyber Liability Coverage for that.
How much Do E&O Coverage and Cyber Liability Insurance Cost?
To get an idea of how much your business insurance will cost, check out our free sample insurance quotes for programmers and independent contractors. These samples are based on our experience working with some of the nation’s top-ranked cyber liability insurance carriers to find coverage for a variety of small technology companies.