Category Archives: Risk Management

Get It In Writing: Using Written Contracts

“Get it in writing.” They’re four words that you hear all the time and for good reason. When it comes to contracts, all too often a claim arises, or is more severe than it should be, because of a poorly written (or non-existent) contract. A clear, well-drafted contract is the first step you can take to significantly reduce the risk of a claim against your firm. Although sometimes challenging to negotiate, a contract is a vital part of each project and determines the terms of the business relationship and how it will be governed.

Are you looking back at a contract and wondering if it could have been written better? Or are you in the habit of performing work without the benefit of a clearly drafted contract? A well-crafted contract contains many areas, but here is a list of the essentials:

  1. Scope of work: A clear scope of work enables you to know what your client expects of you. By working together and putting the scope of work in writing, you remove any misunderstandings and confusion from the beginning and each party knows its responsibilities. An additional benefit to a clear, specific scope of work is that it also identifies what is NOT your responsibility. It’s important to be cautious if asked to sign a vaguely worded, overly general scope of work as it could lead to potential responsibility of services that are not typically within your realm of experience.
  2. Change orders and change in scope of work: Changes are bound to arise throughout a project and the scope of work may see some modifications. That’s why it’s important for you and your client to mutually agree in writing as to how you will handle these changes. It can help alleviate any disputes should changes arise and also ensures that you are paid for any additional work.
  3. Negligence Standard: The ‘standard of care’ means that you will perform in a manner consistent with the degree of care and skill as others in your field currently practicing under similar circumstances at the same time. Therefore, you will not be legally liable for a mistake unless it can be proven that you were negligent. It’s important to make sure that this ‘standard of care’ is within the written contract and that you are not guaranteeing or warranting your work. As an example for those in the design professional field, it’s recommended that contractual language be changed if it removes the negligence standard and subjects you to guaranteeing your work.
  4. Limitation of Liability Clause: A limitation of liability clause is a provision in a contract that limits the amount of exposure you can face if a lawsuit is filed or another claim is made. A limitation of liability clause can also “cap” the amount of potential damages you have to pay and is a highly effective risk management tool. It can also lower insurance premiums and is allowed and enforceable in most states, as long as the language is clear, agreed upon by both parties, and free of ambiguities.

Once a contract is drafted, make sure to review it carefully for consistency. For example, it’s important to ensure that the same terms are used uniformly throughout the document and are not mixed with other terms that may create confusion.

The goal in drafting a contract is that once it’s signed, it can be filed away and not referred to again as you complete a project and the client pays in a timely fashion. However, in the event of a problem, dispute, or concern, a well-written, clear contract can mean the difference between staying in business or facing legal and financial headaches.

Data and Privacy Breaches

With data breaches all over the news, it’s no wonder businesses want to manage their exposure to the financial risks that accompany these threats. Data breach insurance is often the policy that companies need to protect themselves. Coverage is especially important because of the expense involved with a data breach. According to a 2015 study by risk assessment firm NetDiligence, the average data breach claim costs nearly $674,000. And no company is immune to the risk. Here are a few hypothetical examples across different industries:

CPA Firms: A staff member backs up some client files to an unencrypted flash drive and puts it into her purse. She then goes shopping and her purse is stolen. The staff member had been preparing payroll tax returns for several clients in multiple states. The flash drive included payroll information such as names, addresses, salaries, and Social Security numbers. The firm must now evaluate the severity and scope of the incident. They must consult with legal counsel about compliance with notification laws and with public relations regarding the breach. Finally, they must notify any potentially affected clients.

Real Estate Firms: In order to reduce costs and simplify the process, a small real estate company outsources its information storage and maintenance to a third party company. The third party experiences a data breach and the real estate firm’s data is jeopardized. Confidential information included clients’ Social Security numbers, bank account, credit, and debit card numbers, financial documents, and much more. Unfortunately, this “cost-saving” measure for the small real estate firm results in high legal costs, damage to their reputation, and a loss of business.

Architect and Engineering Firms: Technology is a large part of the architect and engineer’s practice. They routinely use technology to communicate with clients, perform accounting, and share project information. Design professionals also use technology to access information about their clients, including banking account numbers, employee data, and non-public business information. This can leave firms vulnerable to data breaches, malware, ransomware, and spear-phishing against employees. Many architecture and engineering firms are small businesses, which are targeted more often due to their perceived vulnerability. In fact, the National Cyber Security Alliance estimates 71% of security beaches target small businesses.

We all know the best defense is a good offense. That’s why more and more businesses are opting for policies that protect them from liability and expenses caused by a data or security breach. There are primarily two types of insurance offered – first-party and third-party. Here’s a look at both:

First-Party Insurance covers the policyholder’s own losses and can include the following coverage:
• Investigation: costs associated with assessing whether a breach has occurred and measuring the impact and severity.
• Data Loss: costs associated with the tampering or loss of the policyholder’s data.
• Software/Hardware: damages to software systems and/or computer hardware as a result of a cyber attack.
• Loss of Revenue: loss of income or other costs if the policyholder is unable to conduct business due to a breach.

Third-Party Insurance insures for the liability of the policyholder to third parties such as customers, clients, and the government. It can include the following coverage:
• Notification: costs associated with notifying employees, customers, or patients of a breach.
• Regulatory: costs associated with lawsuits or judgments as a result of a data breach. It also covers legal and technical expenses incurred for responding to regulatory inquiries.
• Crisis Management: expenses for public relations and advertising educating customers about the data breach, as well as the policyholder’s response.
• Credit Monitoring: costs of providing credit and/or fraud monitoring services to affected parties.

Cyber attacks can happen in organizations of every shape and size. Hackers also seem to get more sophisticated each day. Covering the risks associated with data breaches is an essential way to stay one step ahead of the “bad guys”.

Limitation of Liability Clause

Who doesn’t want to limit the likelihood of potential lawsuits and other claims? Most companies use insurance as protection, but not all claims are insurable. For architects and engineers, the solution often means incorporating a limitation of liability clause into their contracts. It’s an excellent way to limit the amount of liability undertaken by design professionals and adds a layer of protection and peace of mind should future problems arise. It may also mean the difference between staying in business and financial ruin.

What exactly is a limitation of liability clause? It’s a provision in a contract that limits the amount of exposure a company can face if a lawsuit is filed or another claim is made. A limitation of liability clause can also “cap” the amount of potential damages a company has to pay and is a highly effective risk management tool. It can also lower insurance premiums and is allowed and enforceable in most states, as long as the language is clear, agreed upon by both parties, and free of ambiguities. The limit can apply to all claims that arise during a contract or it may apply to certain causes of action. Limitation of liability clauses typically limit liability in one of the following amounts:

  • Compensation and fees paid under the contract
  • An agreed-upon amount of money
  • Available insurance coverage
  • A combination of the above

Keep in mind that a limitation of liability clause does not protect from claims by third parties, like members of the public or injured workers. However, claims from contracting parties are more likely to occur.

Of course, a limited liability clause is only as helpful as its ability to be enforced. That’s why the way the contract is drafted is key and increases the likelihood that it can be enforced if needed. Here are some drafting tips to keep in mind:

  • Use clear and concise language: It’s important to ensure that the clause is unambiguous as it relates to the contract as a whole, so no questions arise in the future.
  • Make sure the clause stands out and is conspicuous: It’s as easy as using bold face print or underlining the text in order to set the clause apart and make the other party aware of its existence. Some parties even choose to handwrite the dollar amount of the limit and both parties initial the clause to ensure that they’ve read and agreed upon the terms.
  • Negotiate the clause: Discuss the clause with the party that is signing the agreement and make sure there are no questions or problems that need to be negotiated. Also, be sure to keep notes, drafts, and copies in order to confirm the clause was discussed.

A limited liability clause may not be attainable in every client contract for varying reasons, but negotiating one is always a worthy goal. A limited liability clause is usually considered mandatory for high-risk projects or those performed for very low fees. Limitation of liability clause wording can be obtained from legal counsel.