Cyber Risk Insurance
While IT applications, including electronic health records (EHRs) and electronic data storage systems, increase the volume and complexity of the health care information being managed, they also increase a health care organization’s exposure to data security breaches and identity theft. The financial and reputational costs associated with restoring lost or damaged data, sending breach notifications to patients, and other potential liabilities that fall under each state’s breach notification statute can be huge.
Why We Endorse Chubb Cyber Risk Insurance for Health Care
The AHA Signature Due Diligence Process™ identifies Chubb as a leader in providing Cyber Risk Insurance Solutions for Health Care through robust and flexible insurance coverage options and proactive risk management services for data breach protection. Coverage limits and terms customized for the needs of individual health care organizations—from large care systems to smaller allied health organizations—are among the standout features of the solution. The policy provides robust first- and third-party coverage for exposures related to health care cyber/data privacy/security breaches that easily integrates with existing insurance programs. In addition, the Chubb cyber loss prevention consultant services reimbursement program is currently unmatched in the industry. With its standout products and services and an ongoing dedication to education, Chubb has proven its commitment to helping the health care community mitigate cyber-related risks.
Chubb Group of Insurance Companies (“Chubb”) is the marketing name used to refer to the insurance subsidiaries of The Chubb Corporation. For a list of these subsidiaries, please visit its website at www.chubb.com. Actual coverage is subject to the language of the policies as issued. Chubb, Box 1615, Warren, NJ 07061-1615.
Unfortunately, many companies don’t realize that whether they experience a data security breach isn’t as much a matter of if it will happen as when.
When a security breach happens, you’ll need comprehensive protection from an insurer that specializes in handling cyber risks, and offers a full suite of integrated insurance solutions to help minimize gaps in coverage. Chubb can help.
Protect your business online with the below links to tools and resources.
Visit the Business Blog
Read expert perspectives on challenges and risks that organizations are currently facing.
Join the conversation>
What's your risk quotient?
Use this easy tool to evaluate how well you're managing your liability risk online.
Take the quiz>
Stolen laptops, rogue employees, and hacker breaches can compromise patient records and their sensitive information. Chubb Cyber Risk Insurance Solutions for Health Care addresses a wide array of risks associated with providing health care in a technology-dependent world.
The unique features of CyberSecurity by Chubb for Health Care Organizations include:
Third-party Liability Coverage
- Disclosure injury, including government and class-action lawsuits that allege unauthorized access to or dissemination of protected health information (PHI)
- Content, reputational and conduit injury
- Impaired-access injury
First-party Liability Coverage
- Privacy notification expenses, including the cost of health care record and credit-monitoring services—even when notification is not required by law
- Crisis management and reward expense
- E-business interruption expenses
- E-vandalism expense
Robust Underwriting Process
- Customized, industry-specific application
- Targets key health care-related data breach exposure areas
- Risk Matrix cyber self-assessment available upon request
Loss Prevention Consultant Services Reimbursement Program for insured organizations
- Reimburses a percentage of the cost of qualifying risk management/loss prevention
- Provides referral resources to specialized privacy/data breach counsel, vendors and consultants
- Unique from Chubb for CyberSecurity customers
“Reasonable and Necessary” Trigger to Notification
- Allows the insured to determine whether notification after a data breach is the appropriate business decision for the organization
- Policy responds regardless of whether notification is required by law
- Insured can incur “reasonable and necessary” costs for notification without prior approval from Chubb
- Insured may elect to have Chubb control vendor selection and the notification process to ensure the most efficient use of resources
Company Website: http://www.chubb.com
- Case Study: 4 Health IT Security Priorities for Hospital Risk Managers
- Flyer: CyberSecurity by Chubb for Health Care Organizations
- Other: Loss Scenerio: Hackers Access Unencrypted PHI
- Other: Loss Scenerio: Lost iPad
- Other: Loss Scenario: Missing Laptop Results in $365,000 in Added Costs
- Other: Loss Scenario: PHI Sent to Storage Facility Never Arrived
- Other: Loss Scenario: Privacy Notification Expenses Cost a Pretty Penny
- Other: Loss Scenario: Stolen Insulin Pumps Contained PHI