DISCLAIMER: The information provided in this article, other knowledge base articles, and the Compliancy Group website do not, and are not intended to, constitute legal advice. All information, content, and materials in the Knowledge Base and on the Compliancy Group website are for general informational purposes only.
As of October of 2023, Compliancy Group is not familiar with any state or federal law requiring the purchase of cyber liability insurance by a HIPAA covered entity.
The Federal Trade Commission (FTC) has issued a publication that provides guidance on what a small business should look for in selecting a cyber liability carrier. This resource from the Department of Health and Human Services provides guidance on what to look for in a cyberinsurance policy. A number of well-known insurers offer cyber liability insurance (including, as of October of 2023, CE Group, Chubb, Beazley, CNA, Travelers, and Liberty Mutual, among others). Page “36” of this HHS guidance document discusses what a cyber insurance policy should cover.
Compliancy Group does not offer legal advice or consulting advice, and we do not recommend either that a covered entity purchase or not purchase a cyber liability insurance policy. We have no particular recommendation as to which carrier to obtain a policy from, should a covered entity choose to apply for cyber liability insurance.
The decision as to whether to purchase cyber liability insurance, and as to what amount of insurance might be appropriate, should be made after consulting with a qualified healthcare and/or healthcare insurance attorney.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article