London-based specialty lines agency CFC Underwriting Ltd. recently announced the launch of a new policy for U.S. health care providers.
The policy is designed for hospitals, doctors, and frontline health care providers and is “the first in a suite of cyber policies that CFC is creating for specific industry sectors,” according to a company statement. Included in the policy is “coverage for corrective action plans under the Health Insurance Portability and Accountability Act, coverage for injuries as a result of a cyber attack, and coverage of costs to improve risk management controls after a breach.”
According to a CFC spokeswoman, limits are available up to $10 million.
Vicky Paxton, CFC’s cyber practice leader, said, “Health care companies have arguably become the largest target of hackers due to the vast amounts of highly sensitive data that they work with and store. To make matters more complicated, there is rigorous legislation surrounding the protection of this patient data, opening companies up to regulatory fines and investigations if they suffer a breach. All of this means that health care companies have a unique risk profile that most standard cyber policies fail to cater to. With CFC’s experience in both health care and cyber, we thought it was a great opportunity to develop a policy for these companies that is truly fit for purpose.”