Secondary Blocks


This guide explains the different parts that make a insurance block.



Understanding the nuances of an insurance block in a tech contracts is critical as it serves as a bulwark against unforeseen circumstances, thereby ensuring the financial stability of both parties. It acts as a protective shield, safeguarding the parties from potential financial losses or legal disputes that could arise. Consequently, all parties involved should pay careful attention to the insurance block during contract negotiations to ensure adequate and appropriate coverage.


Insurance cover

This part outlines the requirement for the Provider to obtain and maintain appropriate insurance coverage for the entire duration of the agreement. The purpose of this insurance is to protect against any claims that may arise from the services provided by the Provider. The specific types of insurance and their minimum coverage limits are outlined within this section.

Increase in cover

This part allows the Customer to request an increase in the Provider’s insurance coverage if the Customer feels that the current insurance is insufficient. This ensures that the Customer has the flexibility to adjust the coverage requirements based on their assessment of the risks involved in the project.

Failure to maintain

This part addresses the consequences if the Provider does not maintain adequate insurance coverage. In such a scenario, the Provider remains liable for all their obligations under the agreement, and the Customer is not held responsible for any liabilities arising from the Provider’s failure to maintain insurance coverage. This emphasizes the importance of maintaining proper insurance coverage for the protection of both parties.

Period of cover

This part establishes the required duration of the insurance coverage. The coverage must be active throughout the entire agreement and for a specified period after the termination of the agreement. This ensures that there is continued protection for both parties even after the completion of the project or termination of the contract.

Primary cover

This part stipulates that the insurance policies obtained by the Provider must be considered the primary insurance. This means that in the event of a claim, these policies will be the first to respond, and no other insurance policy or self-insurance program of the Provider will be called upon to contribute. This provides clarity on which policies are responsible for covering claims related to the agreement.

Insurance certificate

This part requires the Provider to provide the Customer with certificates of insurance as proof of the required insurance coverage. The certificates must be submitted before the commencement of services and upon the renewal of any such policy. The certificate must evidence the required coverages and name the Customer as a certificate holder entitled to a 30-day written notice following any cancellation, reduction, or change in coverage.

Important considerations

World Commerce and Contracting Principles

World Commerce and Contracting provides the following principles relating to insurance-

Parties to a contract should have reasonable assurances that if a claim or indemnification obligation were to arise, the liable party will have the financial capability to cover that liability. Having applicable insurance policies in place is one way to mitigate that concern, particularly with companies that may not have the size or capitalization to meet potential contract liabilities.

Although it may be appropriate for insurance coverage obligations to apply to both parties, typically, they are imposed on suppliers and subcontractors, given their more active role in contracts with respect to obligations that could give rise to breaches and damages, compared to customers, whose roles tend to trigger less need for insurance (e.g., payment of bills, acceptance of goods) in contracts.

While it may be justifiable to include a requirement that a contracting party must obtain third party insurance coverage in a contract, it may also be acceptable for a contracting party to self-insure (either on its own or through a captive insurer) if it is well capitalized with the financial resources to meet any foreseeable exposure under the contract (e.g., it is a Fortune 1000 company or a well-capitalized business and the limitations of liability are quite manageable).

Insurance clauses should specify the types of coverages the party(ies) will be required to maintain over the life of the contract and the coverage amounts. These types should reflect the specific risks that are applicable to the contract and relationship rather than based on a one-size-fits all approach. Factors to consider in determining which types of policies a party must maintain are

  1. industry norms,
  2. what products or services are being provided and the risks associated with them,
  3. size or value of the contract and applicable risk allocation(s),
  4. the costs of obtaining the applicable policies, and
  5. geographic availability of certain policies from reputable insurers.

Given the current focus on data protection and cyber breaches, there are growing requirements for related insurance coverages, particularly where potential liability for breaches is unlimited or limited by a super cap. Contracts should be clear as to which contracting party is liable in the event of a data breach/cyber loss and to what extent and whose insurance will cover the losses. This clarification is especially important for outsourcing or professional services contracts that provide digital data transfers, in which case the supplier should generally bear the risk for data breach/cyber events caused by the supplier’s breach of a contractual obligation.

Generally, there are two different insurance products available:

  1. Cyber Liability Insurance, which addresses a supplier’s cyber security issues with its network or disclosure of private information; and
  2. Data Breach Insurance, which is usually a part of a supplier’s Errors & Omissions policy (also known as Professional Liability insurance) and provides coverage for a Supplier’s failure of services.

Policies can also be bundled to include both Cyber Liability and Data Breach.

Customers should consider liability carve-outs and limitations of liability, which can dilute the magnitude of any negotiated supplier insurance levels (i.e., liability caps are lower than the required policy amounts).

Typically, policy limits are a standard request based on the size of the supplier and the size of the potential claims under the contract (e.g., $2M, $5M, $10M). In general, there should be no need to demand insurance coverages that exceed applicable caps on liability under the contract. Other factors to consider are:

  1. potential damages if something goes wrong,
  2. nature of products or service (i.e., mission critical or minor routine operations),
  3. size of supplier (i.e., large multinational or small startup),
  4. with respect to cyber security, is supplier touching customer’s personal data or health information,
  5. what caps are applicable to supplier’s liability.

Generally, policy limits should be realistic, proportional, and commercially reasonable.

Contracts should ensure that required insurance policies (and coverages) are maintained through a reputable insurer (using a minimum rating level determined by an independent generally accepted rating agency such as A.M. Best) and that the other party is notified if the coverage is reduced or eliminated during the term of the contract. Certificates of Insurance should be provided upon request to certify that the insurance requirements continue to be met.

To the extent permitted under applicable law, parties should waive their respective Rights of Subrogation so as to avoid the other party being held liable for a claim, unless the waiver is prohibited in the applicable policies.

The presence of insurance covering a party’s breach should not affect the other party’s obligation to mitigate the damages and to prove the harm alleged. Nor should the breaching party avoid liability by demanding that the claiming party deduct from a claim what its insurance would cover.

Some policies preclude coverage for intentional misconduct or illegal acts – and those breaches may likely be subject to unlimited liability either explicitly under the contract or as a matter of public policy. Accordingly, insurance may not provide the intended protection to the other party in those circumstances.

Ninja holding a laptop explaining tech contracts

Interested in our Contract Builder?

Table of Contents

Master contracts now
Elevate your career!

Try for free. No credit card required.

9 Responses

Elevate your legal game with ContractNinja.

Form part of the spearhead movement of shaping the global standard for tech contracts.