|
I suspect everyone will jump on board the "call a lawyer" train. In my experience a lawyer is just going to send you on the path of least resistance - ie. "yes you should buy insurance". It's a liability for them to have a legal opinion that tells you not to buy insurance. Consider what happens if you get sued and you have a legal opinion from your lawyer saying that you didn't need insurance? You'd then be in a position to sue them. So you may want to just save on your legal expenses and apply it directly to the insurance.
I think the bigger question may be "what type of insurance do you need" and "how much". The problem with asking a lawyer about that is that (for most of them) 1) this isn't their area of expertise and 2) see paragraph number one (they'll likely recommend complete coverage at high amounts).
My advice - call around to multiple insurance providers to get their opinions on what you need. Yes, they're going to try to sell you on more insurance than you likely need, but if you call multiple providers you also have the opportunity to compare and contrast. Some will come in with a lower quote because they don't believe you need options that others are insisting on. Get the reasons for the recommendations and then proceed from there.
One final tip - if you are the sole developer this obviously puts you at more risk. However, this also likely means that there are bigger fish involved with this project. In the case of lawsuits most companies will go after the biggest fish (at least that's what our insurance provider told us) because they have the bigger policy. If the odds of you being targeted is lower because there is one or more bigger fish then your premiums should be less.
Best of luck. I'd personally be interested in a follow-up to see how you made out.
Cheers
|
|
|
|
|
Lawyers will never tell you what you can do, only what you should not; which often conflicts with the reality of running a business and making a living.
|
|
|
|
|
Wow thanks man that's a treasure trove right there... Just what I was looking for from this group...
The sad truth of this story is that these guys are kinda jerking me around a bit; looks like the CFO had this as a pet project but now he might not even be the CFO anymore and so now I'm talking to the CEO about what is actually going on over there...
I will update you on my progress with actually getting/not getting this contact and what the implications might be for a product that they basically handed me functional requirements for that, should I decide to do so, could actually be marketable...
Stay tuned and thanks for the good advice that is valuable for all of us in this business!
Cheers
"... having only that moment finished a vigorous game of Wiff-Waff and eaten a tartiflet." - Henry Minute
"Let's face it, after Monday and Tuesday, even the calendar says WTF!" - gavindon
Programming is a race between programmers trying to build bigger and better idiot proof programs, and the universe trying to build bigger and better idiots, so far... the universe is winning. - gavindon
|
|
|
|
|
I've carried $1M (USD) general liability as a 1099 contractor for years -- not that expensive (<$50/month) and either required by contracts or some peace of mind. My policy required me to answer extensive questions about the type of development once I mentioned healthcare/patient data -- thankfully, I was able to answer no to every question related to "Will someone die if your software doesn't work?".
I think an E&O (Errors and Omissions) rider (again, IANAL) might help to limit your penalties/fines.
I use Harford; based on other replies, I'm looking into Hiscox.
HTH.
--G
|
|
|
|
|
I'm insured by Lloyd' of London through a Toronto broker. I have CAD 5,000,000 liability and 100,000 E&O. The liability also includes things like fire coverage for the building I rent. I think I pay about 1500 per year. 5M is a standard requirement for many government contracts. If I want 1M E&O it would as about $1000.
|
|
|
|
|
Thanks Yvan I appreciate the feedback
"... having only that moment finished a vigorous game of Wiff-Waff and eaten a tartiflet." - Henry Minute
"Let's face it, after Monday and Tuesday, even the calendar says WTF!" - gavindon
Programming is a race between programmers trying to build bigger and better idiot proof programs, and the universe trying to build bigger and better idiots, so far... the universe is winning. - gavindon
|
|
|
|
|
Thanks Glenn, I really appreciate your post and your advice... E & O seems to be a common denominator in the replies I've received... Cheers
"... having only that moment finished a vigorous game of Wiff-Waff and eaten a tartiflet." - Henry Minute
"Let's face it, after Monday and Tuesday, even the calendar says WTF!" - gavindon
Programming is a race between programmers trying to build bigger and better idiot proof programs, and the universe trying to build bigger and better idiots, so far... the universe is winning. - gavindon
|
|
|
|
|
I think your biggest concern may be data. If you download/store any data on your computers that contains sensitive information and that data gets out, you are really in trouble. Best advice, don't download any live data.
I had a friend that stored a backup of a customers data on a USB drive, the same one with his music, and he lost it. THAT cost not only money, but the customer as well. We still don't know if that will surface in the future.
A good umbrella policy is always a good idea...
Don't mind me, I'm just watching
|
|
|
|
|
Wow OK ya, this particular project wouldn't particularly be storing any data about patients/providers so much as it would be meta-data about those who are handling it...
Good advice that I'm taking to heart, thanks so much
"... having only that moment finished a vigorous game of Wiff-Waff and eaten a tartiflet." - Henry Minute
"Let's face it, after Monday and Tuesday, even the calendar says WTF!" - gavindon
Programming is a race between programmers trying to build bigger and better idiot proof programs, and the universe trying to build bigger and better idiots, so far... the universe is winning. - gavindon
|
|
|
|
|
I would (if you haven't already) form an LLC to protect you and your assets. It's cheap, really. And just acts as a pass through for your work.
Then have the LLC buy General Liability insurance, and possibly Professional Liability insurance. General covers things like spilling your coffee in the client's new laptop, professional liability would cover program errors etc.
I carry both. It sucks, but so does buying auto insurance and health insurance.
|
|
|
|
|
I was going to say the same thing, get an LLC, it will protect your personal assets. It cost me $110 to file in my state. Since you are just an indie and don't employ anyone, and your "company" doesn't own any significant assets (property, vehicles, stocks, etc), you might consider skipping the insurance altogether and simply file corporate bankruptcy and close up shop if you ever get sued. Since the chances of an indie developer getting sued are less than winning the lottery, personally I would just keep that insurance money in my pocket. And once you file bankruptcy the chances are very high that the lawsuit will just get dropped.
|
|
|
|
|
codefabricator wrote: Since you are just an indie and don't employ anyone, and your "company" doesn't own any significant assets (property, vehicles, stocks, etc), you might consider skipping the insurance altogether and simply file corporate bankruptcy and close up shop if you ever get sued.
Good point, but sounds a little too iffy for HIPAA stuff... Thanks for your post!
"... having only that moment finished a vigorous game of Wiff-Waff and eaten a tartiflet." - Henry Minute
"Let's face it, after Monday and Tuesday, even the calendar says WTF!" - gavindon
Programming is a race between programmers trying to build bigger and better idiot proof programs, and the universe trying to build bigger and better idiots, so far... the universe is winning. - gavindon
|
|
|
|
|
I also agree, form and LLC or incorporate yourself. Your company will be contracted to do the software development. Should something go wrong and a possible bug cause a problem where the employer or customer sues you, they can only sue the company and not you. By incorporating yourself, you will protect your personal assets and your company will suffer only. It would be wise to get insurance for your company and of course, you are new to this legal arena, consult a lawyer. If any of you CPers know a good attorney that you have a positive experience with, please reply for clientSurfer.
Second, find out what regulatory requirements the software must satisfy. Your employer should have most of this in place and give you an idea of what is expected. Since I have had to write software to satisfy CE/IVD and FDA regulations, I have had several documents to write up, mostly for corporate compliance. One of the worst (most painful) to deal with was risks outline and explanations document. What are the risks, from external and internal. If anything is going over the internet, then there are several pages of risks you can add. There are risks from the operating system that you interact with (even simple file reads and writes). How secure is the file system? How can the user/customer screw up your software? How good are the disk drives you store your data on? A good place to start is using the old data flow diagraming techniques. Start with a context diagram where your system is at the middle and everything else you interact with are surrounding it. All drawings and thoughts will be useful for these documents.
Finally, document everything. This includes all decisions you make and what the alternatives were (and their potential outcomes). You may think that the code is good enough documentation, but don't count on it. This documenting will also save your butt as well as provide your employer (or yourself) with copyright and patent protection. Also, can be used by your employer for copyright and patent litigation (if you feel that a patent is doable). Get a hardbound notebook where the pages cannot be removed with page #s. For each entry, give it a title (at the top), a date, your signature at the bottom of your entry and date and time signed.
Whew, that's a lot. You will work a lot of hours and most of what you do will not be coding, but architecting/designing and documenting. That will expand your resume. If you feel prepared for this job, having all this in mind will help you at the interview. Be sure to ask them about their regulatory requirements and expectations. And mention to them that you are prepared to do the necessary documenting and that you have a good comprehension of English (written and spoken).
Good luck with your endeavor.
|
|
|
|
|
Whew that is a lot and I sure do appreciate your post - that was a wealth of well-taken advice and just good practice reminders in general for all of us coders... Thanks so much
"... having only that moment finished a vigorous game of Wiff-Waff and eaten a tartiflet." - Henry Minute
"Let's face it, after Monday and Tuesday, even the calendar says WTF!" - gavindon
Programming is a race between programmers trying to build bigger and better idiot proof programs, and the universe trying to build bigger and better idiots, so far... the universe is winning. - gavindon
|
|
|
|
|
Unfortunately the LLC bit doesn't technically protect you in the case of a HIPAA violation. The ACA changed the rules so that hospitals could go after individual developers instead of the company they worked for in the event of a breach*. One of the reasons I got out of medical development.
Too often there was a breach costing the hospital huge sums of money and they would go after the software vendor who provided the software for said sum of money. The vendor found it cheaper to close shop and open up again. Same people, different name.
*At least in the initial language allowed it. As I mentioned in a previous post, they changed some rules for the better and I haven't kept up to date.
|
|
|
|
|
RJOberg wrote: One of the reasons I got out of medical development.
Wow man thanks again; sounds like you have indeed been in the trenches with ACA stuff so I sure do appreciate the "realism"...
"... having only that moment finished a vigorous game of Wiff-Waff and eaten a tartiflet." - Henry Minute
"Let's face it, after Monday and Tuesday, even the calendar says WTF!" - gavindon
Programming is a race between programmers trying to build bigger and better idiot proof programs, and the universe trying to build bigger and better idiots, so far... the universe is winning. - gavindon
|
|
|
|
|
wapiti64 wrote: It sucks Only until the day you need to make a claim.
|
|
|
|
|
Yes, and then the fun starts as Insurance companies are in the business of collecting payments and denying claims... so you find out what you've been paying for in a contentious environment!
I subcontract through companies who have required both General and Professional liability insurance. And generally I have had to name those 'parent' companies as co-insured on my policy.
|
|
|
|
|
Richard MacCutchan wrote: Only until the day you need to make a claim.
Amen to that shite
"... having only that moment finished a vigorous game of Wiff-Waff and eaten a tartiflet." - Henry Minute
"Let's face it, after Monday and Tuesday, even the calendar says WTF!" - gavindon
Programming is a race between programmers trying to build bigger and better idiot proof programs, and the universe trying to build bigger and better idiots, so far... the universe is winning. - gavindon
|
|
|
|
|
Definitely have that LLC on the front burner; thanks for your advice about having it buy the General and Pro Liability... Good stuff
"... having only that moment finished a vigorous game of Wiff-Waff and eaten a tartiflet." - Henry Minute
"Let's face it, after Monday and Tuesday, even the calendar says WTF!" - gavindon
Programming is a race between programmers trying to build bigger and better idiot proof programs, and the universe trying to build bigger and better idiots, so far... the universe is winning. - gavindon
|
|
|
|
|
Errors and Omissions insurance runs about $400-$500 per year for about $1MM. Been 1099 in banking application where some, not all, require E&O.
A lawyer will tell you the to get E&O and charge you $500.
|
|
|
|
|
sqlserverprogrammer.com wrote: A lawyer will tell you the to get E&O and charge you $500.
heheh yeah luckily I do know a "good" lawyer (though he has yet to call me back LOL) who, if/when he does call back would probably just say E & O like most folks on here have as well.. Thanks
"... having only that moment finished a vigorous game of Wiff-Waff and eaten a tartiflet." - Henry Minute
"Let's face it, after Monday and Tuesday, even the calendar says WTF!" - gavindon
Programming is a race between programmers trying to build bigger and better idiot proof programs, and the universe trying to build bigger and better idiots, so far... the universe is winning. - gavindon
|
|
|
|
|
Get a lawyer. I'm not a lawyer. But...
It depends very much on what state you live in. Some states make you more strictly liable than others, so totally get a lawyer.
Probably you want to incorporate yourself as an LLC, and have the contract made out to the LLC. Being an LLC limits your liability to company assets. They can't take your home and your retirement funds. Probably. But they can still sue you, and you still have to pay for a lawyer, even if your defense is successful.
Insurers offer a general liability coverage that pays for lawyers and damage awards. You probably have some liability coverage as part of your homeowners insurance right now, but it probably isn't enough for a professional who is a sole proprietor. This insurance is quite inexpensive because despite what you hear, not all that many individuals get sued. Individuals are not big enough targets to pay for million-dollar legal fights. Call your homeowners insurer or auto insurer. After you talk to the lawyer. Beware of a "doughnut hole", a range of costs below which you are covered, and above which you are covered, but inbetween which you are responsible. Insurers like to put the doughnut hole right in the most likely range of liability awards. They have 50 actuaries working tirelessly to find this point. Get a policy with no doughnut hole.
Don't worry too much. It has historically been hard to tag software engineers with liability for coding bugs because it is well understood that all software contains bugs, and the standard of competent practice does not deliver bug-free code. Your liability would be greater if you left a back-door in the code, deliberately did not heed warnings from competent and well-informed people, or actually threw paper copies of medical records into the municipal waste stream.
|
|
|
|
|
OK thanks for the sound advice, esp about that doughnut hole; never heard of that before and I sure am glad you brought it up... Thanks
"... having only that moment finished a vigorous game of Wiff-Waff and eaten a tartiflet." - Henry Minute
"Let's face it, after Monday and Tuesday, even the calendar says WTF!" - gavindon
Programming is a race between programmers trying to build bigger and better idiot proof programs, and the universe trying to build bigger and better idiots, so far... the universe is winning. - gavindon
|
|
|
|
|
When did that
Happen ?
hmm???
Huh, always wondered how to get the "quote" thingy to work!
I must be behind the times.
Marc
|
|
|
|
|