Professional indemnity risk assessment and management
This article looks at risk assessment and management around professional indemnity.
Comprehensive professional indemnity insurance will cover you if you’re sued because of error, data loss, intellectual property infringement or dishonesty. However, there are a few things that you can do to help keep your indemnity risk to a minimum:
Avoiding copyright issues
Copyright, trade-marks and other forms of intellectual property are integral parts of modern business, especially in the digital era.
You can quickly get yourself into trouble if you, or an employee are not careful about someone else’s intellectual property.
- Be careful what you copy from the internet. Although things online might be used by individuals without any problems, when businesses do so it can cause problems
- Avoid relying on fair use. Some works are allowed to be picked up within ‘fair use’, however this is a complex area of law. To avoid disputes, it’s better not to chance it
- The best advice for avoiding copyright issues is to create your own intellectual property. You will definitely have the right to the work, and it avoids intellectual property difficulties.
Preventing data breaches
One major professional indemnity risk is data breaches. Whether it’s client data that you’re holding, or your own files - which contain confidential client information, a leak of that data could result in legal action being taken against you.
- Make sure you have anti-virus and anti-malware software, and that all your software is up to date. Software updates often fix holes, which hackers exploit. Updating helps to keep you safe
- Encrypt all of your data. While this might not stop highly sophisticated attacks, just using the built-in encryption software on your Mac or PC will stop opportunistic criminals
- Be careful about staff bringing their own devices to work. Laptops, phones and tablets could be have viruses that will get onto your network when they connect to the Wi-Fi.
Battling theft and negligence
A third area of indemnity risk is through theft or employee negligence. By losing client information and data or abusing intellectual property, you’re putting your clients and your own business at risk.
- It might not seem a big deal if someone gets hold of decommissioned laptops, but unless you’ve destroyed or properly wiped the hard drives, criminals could still use that data
- If your staff have laptops or other portable equipment with work data on, make sure they’re always careful with them. Leaving a laptop bag in a taxi is easy, but could be extremely costly
- Make sure everyone is aware of the risks of phishing scams, or the dangers of downloading programmes from the internet. Ideally, you should stop employees from installing new software on computers, and have IT or management handle it instead.
The keys to this type of professional indemnity risk management are training and best practice. Most importantly, managers should be informed, and make sure they lead the way in their handling of risky processes.