By Jensen Peck, Business and Professional Insurance Executive
Cyber liability insurance is often overlooked but is essential for physician groups of all sizes. Ten years ago, cyber liability insurance wasn’t really discussed as a necessary option. Unfortunately, in 2024 there were 14 data breaches involving more than one million health care records affecting 237,986,282 U.S. residents. That’s approximately 69.97% of the nation’s population. A lot of cyber events were able get through by simply using malicious or phishing emails to staff – taking advantage of human error.
You probably know that strong cyber security and good policies and procedures are key to protecting your data, but are you aware of the importance of proper cyber liability coverage and the role it can play in protecting your business and your income? Let’s briefly review some common misconceptions, questions, and basic coverages we often see with cyber liability.
But what if I already have cyber built into my malpractice policy?
Yes, some malpractice insurance policies do have basic cyber coverage endorsements on the policy, but it’s very limited coverage, often excludes crucial coverage, and has very low limits. Two coverages that are often excluded by the cyber endorsement that many groups need are contingent/dependent business interruption and contingent/dependent system failure. Those coverages protect you from financial loss if you rely on third party systems (like EMR) and they are compromised.
How do I know if I have the right limits?
Cyber insurance is usually offered in limit increments of $1M ($1M, $2M, $3M, etc.). Choosing your cyber limits can be difficult since there isn’t always a right answer. Something to consider when setting limits are the types of data you store. Do you store PHI, financial records, Social Security numbers, or just email addresses? The more sensitive the data, the higher the potential liability. If your systems (EHR, billing, scheduling, etc.) go down, how long could you operate without them? Estimate daily revenue loss versus downtime days. Add overtime/temporary staffing costs to catch up. It’s also important to benchmark yourself with industry standards. Luckily for our clients, we can benchmark you against other health care clinics around the country as well as other industries – giving a good picture of where you stand with others with similar revenues.
Much like your employee benefits and malpractice insurance, it’s important to explore your options every few years to ensure that you have appropriate limits and coverages as well as a reasonable premium. Reach out to us if you want to explore any of these options!
Jensen Peck
Business and Professional Insurance Executive
Reach out to me to learn more. You can contact me at jensen.peck@wismedassure.org or 608.442.3731.
Jensen Peck
Business and Professional Insurance Executive
Reach out to me to learn more. You can contact me at jensen.peck@wismedassure.org or 608.442.3731.
Note: This article is for informational purposes only and should not be considered as insurance advice related to your specific policy or situation. Please consult with a qualified insurance advisor or professional before making any policy decisions. Full disclaimer and contact information.