Cyber Solutions will be available starting Jan. 1, 2012, as an endorsement to the policies of eligible physicians and hospitals, pending approval in the states where MMIC conducts business.
MMIC previously offered data security coverage separately from its medical liability coverage, through a specialist insurer. Cyber Solutions is underwritten entirely by MMIC.
MMIC Vice President of Underwriting Jeff Pearson said that, according to independent research on privacy, data protection and information security policy, health care is among the top three industries most frequently victimized by data breaches.
“Given the type of data collected and stored by most health care organizations – including Social Security numbers and personal insurance information – patient data is often a target for fraudulent use,” Pearson said. “In addition, physicians and hospitals are required by law to safeguard and protect personal health information.
Also according to Pearson, Cyber Solutions covers physicians and their organizations for third-party losses resulting from unauthorized access to computer networks, failure to prevent identity theft and similar risks to network security and privacy. It also provides coverage for breach of control and use of financial or medical information, including breaches of regulations under the U.S. Health Insurance Portability and Accountability Act (HIPAA) which protect the privacy of individually identifiable health information.
The physicians’ coverage is available to independently owned and operated physician practices with deductibles of less than $250,000, and includes limits of up to $100,000 per claim. Annual aggregate limits are based on the number of physicians on the policy, with limits available of up to $500,000 for groups of 21 or more physicians. Physicians also have an option to purchase limits of up to $10 million.
Cyber Solutions coverage for hospitals provides similar coverage for privacy and security liability. It also covers claims alleging that electronic media on a hospital’s Web site or print media resulted in an invasion of privacy, defamation or similar damages.
Eligible hospital policyholders include hospitals with annual revenues of less than $250 million and deductibles under $250,000. The hospital coverage includes liability limits of up to $100,000, with the option to purchase $10 million in limits.
