Medical practices rely heavily on IT systems and technology to provide healthcare services, with confidential data such as medical and financial records, employee files and personal information generally stored or accessed electronically.
Disruption to your practice due to the loss of access or damage to your data could be devastating to both your practice and patients.
No business is immune to the risk of a cyber incident. The threat of unauthorised access by a malicious third party cyber attack, data breaches or loss of data due to the mistake of an employee can happen at any time. Medical practices need to manage these exposures and protect their digital assets through good IT security and insurance cover for when, not if, a cyber incident happens.
That's why Avant Cyber Insurance has been designed to help protect your practice against many of the common losses caused by a cyber incident.
Avant Cyber Insurance is an additional benefit for your practice when you hold an Avant Practice Medical Indemnity Policy. Cover is complimentary for all eligible practices with no additional premium payable.
Covers direct loss or damage to your data, electronic records and programs stored on your practice’s network caused by an insured cause. Where a contractual agreement exists, it also covers the digital assets of your medical tenants on the same network.
For example, the costs of your IT provider to restore, update, recreate or replace disrupted or distorted files from a backup, due to an administrative mistake or malicious third party attack.
Covers income loss and interruption expense due to an interruption to your business in excess of 12 hours — while you are unable to operate your practice because you cannot access your digital assets.
For example, you cannot access your data due to damage from an electrostatic build-up or the failure of a power supply controlled by your practice.
Covers the extortion money paid by your practice to a third party holding your electronic records, digital assets, computer systems or other sensitive online information, until you meet their demands for payment.
For example, the payment of money (including cryptocurrency) or property made to the perpetrator of an attack to release or restore the encrypted data, if agreed by the insurer before the payment is made.
Covers liability or defence expense payable to a third party due to an actual or alleged wrongful act+ by your practice.
For example, if your practice fails to prevent a privacy breach or the unauthorised use of your network to damage digital assets, cause denial of service or send malicious code to another party.
+As defined in the policy wording under Section II
Covers (where insurable under law) the regulatory defence costs and resulting fines and penalties, if your practice is subject to an investigation by a regulator for an actual or alleged wrongful act++.
For example, your practice fails to prevent a breach of privacy legislation, unauthorised use of your network, or transmission of malicious code to the network of a third party such as a hospital or patient.
++As defined in the policy wording under Section III
Covers some of the expenses incurred, with the insurer’s consent, if your practice is legally obligated to notify individuals (or you do so voluntarily to lessen a potential claim) of a security or privacy breach. Some of the forensic expenses associated with investigating the source of the data breach or cyber incident are also covered.
You may also be covered for the costs you incurred to protect or re-establish your practice’s public image in the event that the regulatory action, unauthorised attack on your network or loss of confidential information is reported in the media.
Covers liability or defence expense from a claim alleging your practice committed a wrongful act+++ when publishing content electronically or in print media.
For example, if your practice unintentionally defamed a hospital or was negligent in the publication of online content.
+++As defined in the policy wording under Section V
^Cover is subject to the full terms, conditions, and exclusions of the policy.
Avant is here to support you. If you suspect your practice is experiencing or has suffered a cyber incident, we have a dedicated Medico-legal Advisory Service team who can offer first response support. If required, we will refer you to an expert cyber response and forensics specialist to help get your practice back up and running.
Prevention is better than cure. Learn how to manage your practice’s risk with simple tools and processes.
Steps to protect your practice from a cyber security incident
Responding to a cyber security incident
Cyber security checklist
Learn more >>
Get answers to common questions about Avant Cyber Insurance. If you can't find what you need, email us your question and we'll get back to you.