Cyber Solutions® and MEDEFENSE™ Plus
A comprehensive suite of coverage designed specifically for the health care industry
Reporting a cyber claim is similar to reporting any incident or claim. Sign in to MyAccount and click “Report Medical or Cyber Incident/Claim” to report the incident. If you’re reporting after business hours, download the flyer below to get connected to Tokio Marine HCC – Cyber & Professional Lines Group.
In the health care industry, it’s not a matter of if a breach or violation will occur—it’s a matter of when. Protect your business and reputation with Cyber Solutions® and MEDEFENSE™ Plus.**
Coverage protects policyholders in the event of:
- Privacy and security breaches
- Cyber extortion
- Multimedia liability
- Defense costs
- Fines and penalties related to billing audits and investigations
Cyber Solutions® is a comprehensive suite of data security and privacy insurance solutions that covers you and your reputation in the event of cyber threats—including everything from privacy and security breaches to cyber crime, extortion, PCI DSS assessments, multimedia liability, and much more. Eligible policyholders may include independently owned and operated physician and dental practices with revenues less than $250 million and MPL deductibles less than $250,000.
Eligible policyholders are provided coverage in the amount of $100,000 each claim*. With no deductible, coverage includes both third-party liability claims as well as first-party (direct) costs incurred in the event of a privacy breach.
Keep up-to-speed on cyber threats & how to thwart them
Eligible policyholders receive unlimited access to resources including an online Cyber Security Fitness Check to help identify cyber gaps.
Learn how to proactively manage cyber security, be informed on the latest threats, plus get updates on new laws and regulations around data privacy and security. It’s all available to eligible policyholders on our Tokio Marine HCC CyberNET® website.
Consider CyberNET your online data security risk management service where you can find:
- Online compliance
- Sample policies to implement
- Online cyber expert support
- Step-by-step procedures to lower risk
- Training modules
- Guidance for handling data breaches
A medical group experienced a ransomware attack. The group retained a breach coach and an IT forensics firm to investigate the incident. During the investigation, the forensics team discovered a prior breach of the group’s computer system that began more than two years earlier and appeared to be ongoing. The hacker had created multiple fraudulent administrative user accounts to access records.
The group’s cyber insurance covered the breach notification costs, IT forensic expenses and credit monitoring costs. Additionally, the group’s defense costs to respond to the OCR and state attorney general investigations were covered under the Privacy Regulatory Defense and Penalties coverage agreement.
Cyber Solutions coverage includes:
- $100,000 Cyber Extortion Limit
- $100,000 Cyber Terrorism Limit
- $100,000 Multimedia Liability Limit
- $100,000 Network Asset Protection Limit
- $100,000 Security and Privacy Liability Limit
- $100,000 Privacy Regulatory Defense and Penalties Limit
- $100,000 Voluntary Notification Expenses Sublimit
- $100,000 BrandGuard®
- $100,000 PCI DSS Assessment Limit
- $50,000 MEDEFENSE Plus
- $25,000 Cyber crime
Combined aggregate limits are based on the number of physicians on the policy as of the effective date of coverage.
Managing the ever-changing and complex world of health care—and related governmental rules and regulations—can be daunting, overwhelming and downright worrisome. MEDEFENSE™ Plus has you covered in the event of Medicare and Medicaid billing audits and investigations, or unintentional violations related to government regulatory proceedings, including HIPAA, EMTALA, or Stark.
MEDEFENSE Plus includes coverage for defense costs, shadow audit expenses (for billing error proceedings only), and regulatory fines and penalties. Constellation provides customers with a MEDEFENSE Plus coverage limit of $50,000 for each claim at no additional cost. Coverage is as follows:
- Hospital, facility & senior living: $50,000 each claim and $50,000 annual aggregate.
- Physicians*: $50,000 each claim. The annual aggregate limit is based on the number of physicians on the policy as of the effective date of coverage.
MEDEFENSE Plus coverage includes:
Billing error proceedings
Defense costs, fines and penalties (to the extent insurable by law), and shadow audit expenses brought by:
- Federal or state governmental agencies
- Contractors working on behalf of the government such as ZPIC and RAC
- Commercial payers
Other regulatory proceedings
Defense costs and fines penalties (to the extent insurable by law) incurred in the following:
- HIPAA (Health Insurance Portability and Accountability ACT)
- EMTALA (Emergency Medical Treatment and Labor Act)
An orthopedic medical group received a demand letter from the U.S. Centers for Medicare & Medicaid Services (CMS) claiming overpayments due to billing errors. CMS suspended Medicare payments to the group pending review of approximately 100 patient records.
Under its MEDEFENSE Plus insurance, the group had free choice of counsel, so it retained its own attorney to draft an appeal and eventually negotiate a restitution settlement with CMS. Although the restitution amount was not covered, the group was reimbursed under MEDEFENSE Plus for defense costs in alignment with their policy limit.
**Cyber Solutions is not available to all customers. Eligible policyholders include independently owned and operated physician and dental practices with revenues less than $250 million and medical professional liability deductibles less than $250,000. Some MMIC RRG members may not be eligible for coverage.
Basic MEDEFENSE Plus coverage is available for hospitals, senior living facilities and physician customers. Physician aggregate will vary based on the number of physicians on the policy.
This communication provides a general product summary and should not be construed as a guarantee of coverage. Any claim scenarios described in this communication are hypothetical and used solely for the purpose of illustrating how the insurance is intended to apply to certain situations. Whether, or to what extent, the insurance applies to a particular claim or loss depends on the circumstances of the claim or loss and the terms and conditions of the policy, as issued.