Skip to main content

Cyber liability

Learn about our updated and expanded cyber liability coverage.

  • Has your front desk staff ever attached and sent the wrong file to a patient?
  • Are your vendors HIPAA compliant and are they properly protecting your patient information
  • What happens if the server that runs your EMR system goes down? Do you have coverage for that?​

Cyber liability coverage offers protection for network security and privacy-related exposures, such as lost or stolen laptops or theft of patient data.


Physician: $100,000 per claim / $100,000 per policy period
Entities: $100,000 per claim / $500,000 per policy period
Higher limits — up to $3 million — are available for purchase.


  • Ransom payments incurred directly resulting from a ransom threat.
  • Data and system recovery costs incurred directly resulting from a cyber event.
  • Business interruption loss, including extra expense, incurred because of a business interruption directly resulting from a business interruption event.
  • Reputation harm — Reputation loss incurred because of a reputation event directly resulting from a cyber event or extortion threat.
  • Cyber event costs directly resulting from a cyber event. 
  • Proof of loss — Any reasonable and necessary costs for an expert to determine the amount and the extent of any covered business interruption loss, data and system recovery costs, extra expense, and reputation loss.
  • Privacy and network security — Any damages and defense costs arising from a liability claim against an insured for any cyber event.
  • Regulatory fines and penalties — Any fines, penalties, and defense costs arising from a regulatory claim against an insured for any cyber event.
  • Cyber deception — Losses from fraudulent instruction, funds transfer fraud, and telephone fraud.
  • Payment card — Any PCI payments, PCI investigation costs, and defense costs arising from a PCI claim against the insured for a PCI wrongful act resulting from a cyber event.
  • Media — Any damages and defense costs arising from a liability claim against the insured for a media wrongful act.


  • Contingent business interruption — Business income loss and extra expenses you incur during a network outage at your outsourced service provider.
  • Social engineering and crime coverage — Financial fraud, phishing attack loss, and telecommunications fraud loss you sustain as a result of a social engineering event or impersonation attempt.
  • Court attendance costs — Expenses you incur to attend court, adjudication, mediation, or other hearing in connection with a covered claim.
  • Bodily injury — Coverage for damages and defense expense for a covered BI claim 
  • Bricking — Physical injury to or impairment, destruction, or corruption of any tangible property including personal property in the care, custody, or control of the insured.
  • Criminal rewards expenses —  The reasonable amount that the insured pays for information not otherwise available that leads to the arrest and conviction of any person who commits an illegal act that causes a loss.
  • Invoice manipulation — Insured’s direct net loss resulting directly from their inability to collect payment for goods, products, or services that have been transferred to a third party as a result of invoice manipulation.
  • Cryptojacking — The secret use of your telecommunications systems by a third party to mine cryptocurrency
  • Solicitation claims — Coverage under Network Security and Privacy Liability, Regulatory investigations & Fines and Penalties insuring agreements for privacy violations under CAN-SPAM Act of 2003, Truth in Caller Act of 2009 and Telephone Consumer Protection Act of 1991.
  • Breach response and remediation expense outside the limit — Limit separate to and in addition to the maximum policy limit, but capped at the policy limit.
  • Defense outside the limit — Separate limit of liability for defense expenses.