Built-In vs Stand-Alone Cyber Liability Insurance

Stand Alone vs. Built-In Cyber Liability Insurance Between minor breaches and major attacks to infrastructure, it’s no wonder that we’re such advocates for Cyber Liability Insurance.

Cyber risks are an exposure that your practice simply cannot escape. Cyber interruptions can not only have a financial impact but it will no doubt affect patient safety if improperly accounted for.

For another installment of “What’s the Diff” we’ve decided to cover compare Stand Alone Cyber and Built-In Cyber.

Built-In Cyber

Depending upon the insurance carrier, your Medical Professional Liability policy may have built-in limits for claims stemming from Cyber Liability. These coverages are often  called Information and Network Security, Data, or Cyber.

Each carrier is different so we’ve pulled a sample for a glimpse of what’s covered:

Coverage Highlights

  • Information & network security liability – unauthorized release of information
  • Media Liability
  • Regulatory Privacy Proceedings & Regulatory Fines & Penalties
  • Customer notification & credit monitoring expenses
  • Electronic data recovery & replacement expenses
  • Cyber Extortion
  • Cyber Terrorism

Whether you’re a solo physician or part of a group the limits will increase with the size of the exposure to a certain extent. There may also buy-up options within built-in policies that allow for increased limits for an additional premium.


When is it appropriate to consider a stand alone cyber policy? If you anticipate the limits available on your current policy would be insufficient should a major breach come about it would be time to consider a stand alone policy.

Judging by the expensive data breaches that pop up every week for multiple

Additionally, if your policy does not have a built in cyber/data breach coverage, consider stand-alone options in order to mitigate these risks.

Key features of interest from a sample Stand-Alone Cyber policy:

Unlimited Retroactive Cover

Since most privacy breaches are discovered long after they first occur. This feature is not common, offering full coverage for events that occur prior to the first inception date of the policy. This aligns coverage with the discovery of the breach rather than date of incident.

Cover for Corrective Action Plan Costs

HIPAA corrective action plans more frequently result due to regulatory investigations against healthcare entities rather than fines. Hence this policy provides coverage for costs associated with plans such as. developing HIPAA compliant information security sets, compliance audits, information security risk assessments, establishing security awareness training programs.

Note: Other features may include Bodily Injury as a result of a Cyber Attack, Post Breach Remediation Costs, and Business Interruption cover tailored to Healthcare Entities.

Is your practice considering adding to current cyber coverage limits or adding cyber liability to your insurance coverage profile? Give us a call directly at 1-800-317-6411 or email us at info@presidioinsurance.com.

Did This Explanation Help? We’d Like to Hear From You!

Leave a Comment

Your email address will not be published. Required fields are marked *