What does the duty of care for the IT supplier entail?

Do you provide services in the field of IT? If so, your contracts with clients will presumably state that you, as the supplier, will make every effort to achieve a certain result without guaranteeing this result. As a result, the client cannot simply say that you have violated your agreements when the result is ultimately not achieved. An argument may then ensue whether you made sufficient efforts. But what efforts are actually expected of an IT supplier? And does it matter that there is nothing about this in the contract? You will read the answer to this in this article.

What is a duty of care?

A duty of care means the obligation for you as an IT supplier to act as a reasonably competent and reasonably acting professional. In other words, you as an IT supplier, are expected to exert yourself to a certain level during the work. Sometimes specific agreements are made about this in the contract, but this does not have to be the case. For example, does the contract not state that you must warn your client about the risks of the job? If so, you will probably still have to do this because of your duty of care.

Why do IT suppliers have a duty of care? This is because there is often a big difference in knowledge between the IT supplier and the client. The duty of care rebalances this difference. In general, therefore, the greater the clients’s lack of expertise, the greater the supplier’s duty of care.

What efforts are expected from an IT supplier?

The specific efforts expected of you as an IT supplier are fleshed out by case law. It would go too far to discuss them all in this blog article. Therefore, I list the general effort obligations below and give some examples.

• Duty to investigate: Are you going to advise a client? If so, you are expected to do some research on this client in order to provide the best possible advice. Think about research into the client’s business structure. Or research into the client’s existing hardware and its characteristics. For example, does a client want to buy specialized hardware? Then you are expected to investigate whether this hardware can reasonably be used by your client.
• Information and warning obligations: Because of the difference in knowledge, you are expected to actively warn your client of existing risks and inform them of matters about which your client has no knowledge. In doing so, you must always put your client’s interests first. An example. Suppose your client purchases a software package because it is said to contain certain functionalities that are in the client’s interest. Despite the fact that the client may demand these functionalities from the package, they turn out to be missing. As an IT supplier, you must inform the client about this.
• Project monitoring: As an IT vendor, you are expected to do everything possible to make the project a success. You must deploy the right personnel and point out to your client what you think is needed for proper completion. You must also monitor the progress of the project. Do the client’s many changes cause things to stop moving forward? Or do you notice during execution that the costs are only increasing without any benefit to the client? If so, you should point this out to the client and possibly even direct them to stop the project.
• Cost control: As an IT supplier, you are in the best position to estimate the costs. A client has less insight into this. As a result, the client is not always able to properly assess the impact of an order or changes therein on the total cost. You should therefore point this out to your client. For example, does your client indicate that he wants third-party software to run on the IT system you supply? If so, you must inform the client of the possible additional costs involved, such as additional costs for necessary updates.
• Quality standards: A client should expect a certain quality from you. Do you need to deliver a certain system to the client? If so, this system must meet industry standards. For example, ISO standards.
• Provide backup: If you are hired for an assignment where there is a risk of data loss, you must ensure the security of the client’s data. For example, as an IT vendor, you cannot simply assume that the client has made a usable backup of all data themselves. So you need to check this or possibly make it yourself before you get started.

Would you like to know what your client can expect from you in a specific situation? If so, feel free to contact us. The question of how far your duty of care extends ultimately depends on the specific situation. For example, matters such as the scope of the assignment, the contractual agreements about it, the risk of damage and the client’s expertise play an important role.

What are the consequences of breaching the duty of care?

Is it established that you as an IT supplier have violated your duty of care? Then this can be seen as a breach of the contract with your client. This is because you have then failed to comply with the agreement to make adequate efforts. As a result, the client may terminate the contract and/or claim damages from you.

Contact

Do you have any questions as a result of this article? Or other questions about IT and ICT law? Then please contact one of our lawyers by email, telephone or fill in the contact form for a free initial consultation. We are happy to think along with you.