Reporting a cyber claim is similar to reporting any incident or claim. Sign in to our website and click “Report a Medical or Cyber Incident/Claim” to report the cyber incident. If the incident occurs after hours, download the flyer to get connected to Tokio Marine HCC – Cyber & Professional Lines Group.

In the health care industry today, it’s not a matter of if a breach or violation will occur—it’s a matter of when. Protect your business and reputation with Cyber Solutions® and MEDEFENSE® Plus—included with most medical professional liability (MPL) insurance packages, at no additional charge and with no deductible.

Coverage protects your organization in the event of:

  • Privacy and security breaches
  • Cyber extortion
  • Multimedia liability
  • Cyber crime
  • Defense costs
  • Fines and penalties related to billing audits and investigations

Eligible policyholders include independently owned and operated physician practices, hospitals, senior living and other health care facilities with revenues less than $250 million and MPL deductibles less than $250,000.

Cyber Solutions® is a comprehensive suite of data security and privacy insurance solutions that covers you and your reputation in the event of cyber threats—including everything from privacy and security breaches to cyber crime, extortion, PCI DSS assessments, multimedia liability, and much more.

$100,000 in coverage is provided as an endorsement to your MPL insurance policy, with the option to purchase up to $10,000,000 in coverage. With no deductible, coverage includes both third-party liability claims as well as first-party (direct) costs incurred in the event of a privacy breach.

Keep up-to-speed on cyber threats and how to thwart them

As a policyholder of MMIC, UMIA, Arkansas Mutual or MMIC RRG, you receive unlimited access to resources including an online Cyber Security Fitness Check to help you identify your cyber gaps.

Learn how to proactively manage cyber security, be informed on the latest threats, plus get updates on new laws and regulations around data privacy and security. It’s all available to policyholders on our Tokio Marine HCC CyberNET® website.

Consider CyberNET® your online data security risk management service where you can find:

  • Online compliance
  • Sample policies to implement
  • Online cyber expert support
  • Step-by-step procedures to lower risk
  • Training modules
  • Guidance for handling data breaches
CLAIM SCENARIO

A medical group experienced a ransomware attack. The group retained a breach coach and an IT forensics firm to investigate the incident. During the investigation, the forensics team discovered a prior breach of the group’s computer system that began more than two years earlier and appeared to be ongoing. The hacker had created multiple fraudulent administrative user accounts to access records. The group notified its entire patient population (over 180,000 former and current patients) of the breach. The group also reported the matter to federal and state government agencies and media outlets.

The group’s cyber insurance covered the breach notification costs, IT forensic expenses and credit monitoring costs, which amounted to over $350,000.

Additionally, the group’s defense costs to respond to the OCR and state attorney general investigations were covered under the Privacy Regulatory Defense and Penalties coverage agreement, up to the remaining $1 million limit.

Cyber Solutions coverage includes:

  • $100,000 Cyber Extortion Limit
  • $100,000 Cyber Terrorism Limit
  • $100,000 Multimedia Liability Limit
  • $100,000 Network Asset Protection Limit
  • $100,000 Security and Privacy Liability Limit
  • $100,000 Privacy Regulatory Defense and Penalties Limit
  • $100,000 Voluntary Notification Expenses Sublimit
  • $100,000 BrandGuard®
  • $100,000 PCI DSS Assessment Limit
  • $50,000 Medefense Plus
  • $25,000 Cyber Crime

Combined aggregate limits are based on the number of physicians on the policy as of the effective date of coverage.

Sign in to MyAccount to access CyberNET®:

Managing the ever-changing and complex world of health care—and related governmental rules and regulations—can be daunting, overwhelming and downright worrisome. MEDEFENSE® Plus has you covered in the event of Medicare and Medicaid billing audits and investigations, or unintentional violations related to government regulatory proceedings, including HIPAA, EMTALA, or Stark.

MEDEFENSE® Plus includes coverage for defense costs, shadow audit expenses (for billing error proceedings only), and regulatory fines and penalties. Coverage begins at a $50,000 limit, with an option to purchase up to $1,000,000 in coverage.

MEDEFENSE® Plus coverage includes:

Billing error proceedings

Defense costs, fines and penalties (to the extent insurable by law), and shadow audit expenses brought by:

  • Federal or state governmental agencies
  • Whistleblowers
  • Contractors working on behalf of the government such as ZPIC and RAC
  • Commercial payers

Other regulatory proceedings

Defense costs and fines penalties (to the extent insurable by law) incurred in the following:

  • HIPAA (Health Insurance Portability and Accountability ACT)
  • EMTALA (Emergency Medical Treatment and Labor Act)
  • Stark
CLAIM SCENARIO

An orthopedic medical group received a demand letter from the U.S. Centers for Medicare & Medicaid Services (CMS) claiming $130,000 in overpayments due to billing errors. CMS suspended Medicare payments to the group pending review of approximately 100 patient records.

Under its MEDEFENSE® Plus insurance, the group had free choice of counsel, so it retained its own attorney to draft an appeal and eventually negotiate a restitution settlement of $81,000 with CMS. Although the restitution amount was not covered, the group was reimbursed under MEDEFENSE® Plus for approximately $300,000 in defense costs.

This communication provides a general product summary and should not be construed as a guarantee of coverage. Any claim scenarios described in this communication are hypothetical and used solely for the purpose of illustrating how the insurance is intended to apply to certain situations. Whether, or to what extent, the insurance applies to a particular claim or loss depends on the circumstances of the claim or loss and the terms and conditions of the policy, as issued.