If your business stores patient or financial information – whether it’s electronic or paper, stored in-house or on a cloud, or gives your patients the ability to make payments or check personal information online – then you need a cyber policy to protect you from the risk of potential hackers.
Adequate cyber coverage is essential to medical practices today, and the limits included in your Professional Liability policy are often not enough.
Overcoming a cybercrime event often requires both human and financial resources. Research shows that smaller health care practices are targeted precisely because they do not have the resources or security measures in place. A security breach must be dealt with immediately and can shut down a business for several days.
We want to provide you with the resources and knowledge to make the right decision with choosing an insurance carrier that will provide your practice with adequate coverage for your business and your patients. Here at MSVIA, we represent a variety of carriers that are chosen for their financial stability and superior service. Provide peace of mind to your patients and yourself and request a quote from us.
Data Breach Response and Notification – Provides the Insured with forensic assistance to determine the extent of a breach, legal services in complying with breach notification laws, notification via mail or email to affected individuals, as well as public relations and crisis management for the Insured. Policies often provide call center services and credit monitoring services for those affected.
Regulatory Defense and Penalties -Coverage for legal defense costs and penalties from regulatory proceedings from the FTC, FCC or another government entity resulting from a security breach.
Cyber Extortion (Ransomware) - Reimbursement for losses incurred as a result of an extortion threat. Policies often provide help in negotiations, which must begin immediately. Reporting it to the police is usually required.
Business Interruption - Reimburses the Insured for the lost income and extra expenses incurred for a set number of days after a security breach. Policies often have a waiting period. Some policies may include coverage for breaches suffered by other businesses with whom the Insured has a dependent relationship.
Data Protection or Recovery, System Failure – Coverage for expenses incurred by the Insured to recover, unencrypt, or estore lost data, including the costs to determine the extent of the damage and whether it is possible to restore the data.
Data Security and Privacy Liability - Coverage for damages and expenses resulting from theft, loss, or unauthorized disclosure of personally identifiable information that the Insured possesses, failure to prevent a breach or disclose an incident, and violations of privacy law.
Website or Media Liability - Coverage for damages and claims expenses resulting allegations such as libel, slander, defamation, copyright infringement, emotional distress and other acts committed on the Insured’s website or social media. Sometimes printed materials (i.e. brochures) are covered.
PCI-DSS liability/Payment Card Industry - Coverage for fines or assessments levied against the insured for not complying with a payment card services agreement.
Bodily Injury – coverage for claims involving bodily injury, sickness, disease (including death) resulting from a breach, denial of service attach, virus, etc. Can involve a patient’s medical device or if medical records are accessed and changed/deleted.
“Bricking”, Consequential Property Damage – coverage for physical computer equipment if the data security event renders the equipment useless and beyond repair.
Telephone Consumer Protection Act - covers claims involving unsolicited phone calls or emails coming from the Insured, violations of the Telemarketing and Consumer Fraud & Abuse Prevention Acts, CAN-SPAM Act.