Between minor breaches and major attacks to infrastructure, it’s no wonder that we’re such advocates for Cyber Liability Insurance.
Cyber risks are an exposure that your practice simply cannot escape. Cyber interruptions can not only have a financial impact but it will no doubt affect patient safety if improperly accounted for.
For another installment of “What’s the Diff” we’ve decided to cover compare Stand Alone Cyber and Built-In Cyber.
Built-In Cyber
Depending upon the insurance carrier, your Medical Professional Liability policy may have built-in limits for claims stemming from Cyber Liability. These coverages are often called Information and Network Security, Data, or Cyber.
Each carrier is different so we’ve pulled a sample for a glimpse of what’s covered:
Coverage Highlights
- Information & network security liability – unauthorized release of information
- Media Liability
- Regulatory Privacy Proceedings & Regulatory Fines & Penalties
- Customer notification & credit monitoring expenses
- Electronic data recovery & replacement expenses
- Cyber Extortion
- Cyber Terrorism
Whether you’re a solo physician or part of a group the limits will increase with the size of the exposure to a certain extent. There may also buy-up options within built-in policies that allow for increased limits for an additional premium.
Stand-Alone
When is it appropriate to consider a stand alone cyber policy? If you anticipate the limits available on your current policy would be insufficient should a major breach come about it would be time to consider a stand alone policy.
Judging by the expensive data breaches that pop up every week for multiple
Additionally, if your policy does not have a built in cyber/data breach coverage, consider stand-alone options in order to mitigate these risks.
Key features of interest from a sample Stand-Alone Cyber policy:
Unlimited Retroactive Cover
Since most privacy breaches are discovered long after they first occur. This feature is not common, offering full coverage for events that occur prior to the first inception date of the policy. This aligns coverage with the discovery of the breach rather than date of incident.
Cover for Corrective Action Plan Costs
HIPAA corrective action plans more frequently result due to regulatory investigations against healthcare entities rather than fines. Hence this policy provides coverage for costs associated with plans such as. developing HIPAA compliant information security sets, compliance audits, information security risk assessments, establishing security awareness training programs.
Note: Other features may include Bodily Injury as a result of a Cyber Attack, Post Breach Remediation Costs, and Business Interruption cover tailored to Healthcare Entities.
Is your practice considering adding to current cyber coverage limits or adding cyber liability to your insurance coverage profile? Give us a call directly at 1-800-317-6411 or email us at info@presidioinsurance.com.