How to Manage Risk Using Construction Insurance & Bonds – Part 10: Cyber Security and Building Information Modeling (BIM) Insurance

By AIA Contract Documents

March 6, 2023

One of the best ways to manage risk on construction projects is through insurance and bonds. Throughout the next several weeks, the AIA Contract Documents Program is going to release a series of articles pertaining to construction insurance. This is Part 10: cyber security and BIM insurance.

What Type of Insurance is Available for Cyber Security and BIM Issues?

To understand issues surrounding insurance related to cyber security, BIM, and other types of electronic data, it is important to understand what a typical Commercial General Liability (CGL) policy includes and excludes. Most CGL policies may exclude coverage for cyber security and electronic data (i.e. BIM) based upon how they define “property.” Specifically, if a policy defines “property” to exclude things like “electronic data” or “facts or programs stored as or on, created or used on, or transmitted to or from computer software…”, then that policy may not provide coverage for issues related to cyber security or electronic data. Some policies will also not cover “damages arising out of the loss of, loss of use of, damage to, corruption of, inability to access, or inability to manipulate electronic data.”[1] As a result, it is prudent to review your CGL policies to determine if these exclusions exist and, if so, work with insurance counsel to make sure you are covered – especially if your project includes BIM. Most insurance companies have adapted to this need in the marketplace by providing riders or standalone policies covering cyber security and BIM risks.[2]

Do AIA Contracts Contain Insurance Requirements Related to Cyber and BIM Insurance?

Yes. For example, Section A.2.5 of Exhibit A to A101-2017, below, allows the parties to decide whether the owner will purchase cyber security insurance, and how much.

  • A.2.5 Other Optional Insurance.

The Owner shall purchase and maintain the insurance selected below.

(Select the types of insurance the Owner is required to purchase and maintain by placing an X in the box(es) next to the description(s) of selected insurance.)

[    ]         § A.2.5.1 Cyber Security Insurance for loss to the Owner due to data security and privacy breach, including costs of investigating a potential or actual breach of confidential or private information.

(Indicate applicable limits of coverage or other conditions in the fill point below.)

Additionally, Section 7.1 to the AIA’s revised BIM exhibits (E201-2022 , for example) contain a fill point wherein the parties can add certain insurance requirements specifically related to BIM and digital data risks:

  • 7.1 In addition to those insurance requirements set forth in the Agreement, all Project Participants developing or using Models or Digital Data shall purchase and maintain the following insurance coverages:

(List below any insurance coverage to be provided by all, or certain, Project Participants developing or using Models or Digital Data.)

Stay tuned for Part 11!

AIA Contract Documents has provided this article for general informational purposes only. The information provided is not legal opinion or legal advice and does not create an attorney-client relationship of any kind. This article is also not intended to provide guidance as to how project parties should interpret their specific contracts or resolve contract disputes, as those decisions will need to be made in consultation with legal counsel, insurance counsel, and other professionals, and based upon a multitude of factors.  

[1] Stephen D. Palley, et al, Construction Insurance: A Guide for Attorneys and Other Professionals, 97-98 (2011).

[2] Types of cyber coverage, 4Pt2 Bruner & O’Connor Construction Law § 11:573.