Skip to main content

By Neil Adebowale, Director – Sports and Leisure, Partners&

As the UK experiences a surge in retro-style at-home fitness not seen since the likes of Jane Fonda and Cindy Crawford graced our VHS players, gym operators and equipment manufacturers are adapting fast to meet changing market needs. But innovation brings with it new risks – and it’s important that operators connect with the right insurance advice to protect their evolving businesses.

Following COVID-19, the market has been transformed – and online fitness is here to stay. Gyms are operating both in bricks-and-mortar premises and increasingly building online provision for members – from live-streamed classes to 1-on-1 personal training, and hybrid model classes to reach both physically present and remote members.

This can involve the creation of proprietary content, or sharing third-party content. Some models involve a library of videos teaching training techniques – which again may be home-grown or third-party. And, like pay-per-view live-streamed gigs, the online provision can in theory reach far higher numbers of participants.

But inherent in all innovation is new risk. From February to April 2020, cyber-attacks in some sectors increased by over 200%. And with cyber-crime and data breaches hitting headlines, fitness operators need to protect themselves against a range of evolving tech and cyber risks.

Some of the risks I’d highlight with online fitness include:

A member injuring themselves in their own home during a class: In a situation where you have no control over the environment, risk management is important. Are there sufficient warnings for the participants? It’s probably not feasible to do a risk assessment of each setting, but perhaps you can provide key tips on working out safely at home, including ensuring:

  • Adequate space to work out
  • Suitable flooring
  • Checks on equipment beforehand
  • Enough distance between household members joining the class.

The platform crashing due to a hack/virus so you can’t deliver your service: How do you get back up and running fast, and make amends with disappointed members? What’s in your contracts around refunds?

Risk of a data breach: You may hold credit card numbers and medical information among the data included in your PARQ forms. You may think you’re not liable for data if you use a third party to collect credit card and bank details for payments, but in fact you are still at least partially responsible – take a look at our article on Cyber Myth-busting for more information. You could be exposed to lawsuits and fines from the regulator.

Phishing attacks: What if a scammer persuades your staff to share financial or personal information or make a transaction in a “phishing” attack?

Giving the wrong advice: Maybe your camera view is limited during an online PT session and you can’t get the full picture?

How can insurance help?

Getting the right insurance advice can make all the difference to the outcome of a claim – and to the financial robustness of your business.

Public liability: Explain to your adviser exactly what your activities are and look out for any restrictions in the policy. Some providers have restrictions on online class numbers – but you should be able simply to adjust the cover around the activities you want to deliver.

Professional indemnity/wrongful advice: If your business is based on advice, it’s critical that you have professional indemnity insurance in place. If advice is just part of your offering, this can be covered under your public liability insurance by a specific extension for wrongful advice – again, your insurance adviser should know where to pitch is, based on their understanding of your business.

Cyber liability: most responsible businesses are aware that a cyber-attack is a ‘when’ not an ‘if’, and that cyber insurance is now key to the financial protection of any organisation (read our myth-busting blog It Won’t Happen To Me). Cyber Insurance provide protection in two main ways:

  • Liability for third party losses (Third Party Cyber)
  • Liability for your own losses (First Party Cyber)

This can include protection against costs, expenses and liability arising from:

  • Breach of privacy or confidentiality
  • Data breach costs – with the new General Data Protection Regulation, this is critical
  • Regulatory fines or contractual damages
  • Cyber liability – your liability for customer/user financial loss or denial of access
  • Business interruption – for your own lost revenue as a result of viruses, network failure or damage, hacking or cyber-crime causing ‘down-time’
  • Data extortion – protection against the threat of extortion as the result of ransomware, theft of data, or damage to your computer network
  • Problems with an outsourcer – including cloud providers and overseas data processors
  • Costs of restoring or recreating data
  • Costs of minimising reputational damage – hiring a PR firm

One size doesn’t fit all in cyber insurance – it’s important to talk to your insurance adviser about your specific risk exposures so you can be more confident your insurance will deliver on its promise.

Online fitness is just one of the ways in which operators are innovating; it’s important to work with an insurance adviser who really understands the dynamics in your business and can provide the right advice on which cover you need, at which level and why.

Partners& is a specialist insurance broker for gyms and health clubs. A strategic partner of ukactive, we’ll help you to map out pitfalls and tread confidently as your business grows and changes. If you have any questions, please get in touch with me at:

Look out for the latest stories and blogs in our Together series on the ukactive News page and Journal. For the latest sector guidance and daily analysis, visit the ukactive COVID-19 hub.

If you are a ukactive member and want to share your story, please contact your account manager or send an overview of your story to: