CFC introduces medical billings cover for US healthcare providers

Comprehensive policy provides protection against allegation of healthcare fraud and abuse, includes cyber and privacy cover

London, 12 September 2018 — Specialist insurance provider, CFC, has introduced a new product to its growing suite of healthcare insurance solutions available to US healthcare providers.

Allegations of healthcare fraud and abuse by government entities and private payers are more prevalent than ever before. CFC’s new Medical Billings insurance covers the defense costs of actual or alleged billings fraud as well as expenses arising from an independent audit on billing practices following an allegation of fraud.

Timothy Boyce, US Healthcare Team Leader at CFC, comments: “Since the formation of the False Claims Act, allegations of healthcare fraud and abuse have increased exponentially. Healthcare providers have to navigate a challenging and often confusing set of reimbursement guidelines which has seen the rate of billing errors rise above 30 percent. Our new Medical Billings product has been specifically designed to provide comprehensive protection following billing error allegations by the federal government, private payers or regulatory investigations.”

The policy also offers reimbursement for fines and penalties arising out of a range of medical regulatory violations including HIPAA-related fines and penalties, Stark law, EMTALA and Federal False Claims and Social Security Acts.

Its cyber and privacy insuring clause has been tailored to address the specific cyber exposures faced by healthcare companies and includes specific references to HIPAA and HiTECH legislation, as well as offering a separate section for extortion to address the growing threat of ransomware.

CFC’s Medical Billings product is the latest in its extensive portfolio of healthcare insurance solutions for US companies.

  • Launched last fall, CFC’s ground-breaking eHealth product now insures hundreds of US domiciled companies, offering telemedicine related services to the US military and Veterans Association in more than 70 countries. Providing a blend of medical malpractice, tech E&O and cyber, the policy is designed to eliminate the gaps present in traditional insurance offerings for digital healthcare companies..
  • CFC’s healthcare suite also includes tailored solutions for allied health and medical practitioners working in a wide range of specializations, long term care facility providers, and businesses and individuals working in the health & wellness arena.
  • A leading provider of cyber insurance, CFC launched an expanded version of its standalone cyber policy for US healthcare providers in April.

“We’re constantly reviewing the needs of the healthcare industry, as well as the changing regulatory landscape, to ensure we’re offering valuable, compelling solutions to our US healthcare insureds” adds Boyce.

For more information, please head to the Medical Billings product page.

We Write That

We know that businesses come in all shapes and sizes, from global multi-nationals to small independent shops, and the goods and services these companies provide vary just as widely.

CFC provides insurance for companies across hundreds of sectors in over 75 countries, and while many of our clients come from what we’d consider traditional industries, we’re no stranger to the unusual.

Here’s a look at just a few of the interesting, and sometimes unexpected risks we write:

Animal Therapy
Who wouldn’t benefit from an animal cuddle? Animal therapists use animals – like horses, dogs, cats, pigs, and birds – to enhance and complement the benefits of traditional therapy, helping patients reduce anxiety, improve self-esteem and address a variety of medical conditions.

These practitioners provide a form of therapy, so they’re required to buy Errors and Omissions insurance along with General Liability, which we can cover in one policy. Animal therapy businesses will be covered under our Allied Health & Medical product.

Tequila Yoga
Yep, you read that right, tequila and yoga. Need we say more? An unconventional take on a typical yoga class, these businesses will offer a fun tipple before, during or after a workout. We guess they call that hair of the downward dog!

The availability of alcohol changes the nature of this otherwise typical fitness club risk. Many insurers shy away from risks with liquor exposures, but offering alcohol – whether tequila, wine or beer – is becoming more common at health and wellness facilities like spas. We recognize that these risks aren’t a typical liquor exposure, and can include liquor liability when underwriting these accounts.

Equine photography
For horse lovers, capturing the connection between owner and animal through photos can be just as important as capturing their yearly family portrait. These photographers specialize in working with horses to produce one-of-kind portraits and action shots.

Photographers like these need to protect themselves from claims arising out of breach of contract and intellectual property infringement. Our Media policy is purpose-built for photographers of any breed to ensure they are protected while capturing that perfect shot!

Free throw, slapshot, and hole-in-one competitions
Whether basketball, hockey or golf, one common tactic to engage eager fans is to offer a lucky spectator the chance to win a large prize (and become a local star) by making a once-in-a-lifetime shot.

We cover the financial costs should there be a particularly talented – or just plain lucky – contestant.

Microblading & Vampire Facials
Innovation abounds in the beauty business. Microblading uses tiny needles in the shape of a blade to apply a semi-permanent tattoo, promising patients better looking brows. Vampire facials (PRP therapy) on the other hand, promise anti-aging benefits by injecting the patient’s own blood back into their face.

Both these and other unique beauty treatments and procedures, are often covered under our Health & Wellness product.

For more about CFC’s insurance products or the industries we cover, click here.

Healthcare in Transit

As the elderly population in the US continues to grow, so too does the necessity for non-emergency medical transportation services to cater to this demographic in both urban and rural areas nationwide. The transportation services provided by these companies are vital to the accessibility of routine healthcare services and survival of patients who otherwise would not be able to make it to routine medical appointments. Some of these potential barriers may include a lack of mass transit options and significant distances to their providers. In addition, a patient’s physical disabilities and/or financial circumstances can also further complicate access to these services.

The rising need for these services can be felt even more palpably in rural areas as these geographic regions statistically contain a larger portion of elderly inhabitants than do urban areas where providers are located at significantly closer distances. Further to this point, the geographic isolation of patients residing in rural areas typically carry with them the burden of more chronic health conditions, poverty and consequently, poor health outcomes.

To highlight this point, studies have uncovered that nearly four million Americans have experienced some type of transportation complications which have led to them missing scheduled appointments. This also levies a devastating blow to healthcare providers as no-show rates, in some instances higher than 30% have cost providers more than $150 billion per year.

The impact of patients’ inaccessibility to affordable and convenient transportation services has not gone unnoticed by the Tech industry, however, as we have recently seen on-demand transportation app giants Lyft and Uber make their entrance into the healthcare field. Lyft, working in conjunction with the healthcare information exchange platform Allscripts have partnered to integrate “ride-hailing functionality” into AllScripts database platform which will allow for nearly 200,000 providers to request transportation services for their patients through the Lyft application. Similarly, Uber has recently launched Uber Health which deploys a comparable ride-hailing functionality for the patients of its partner healthcare systems, most notably MedStar and LifeBridge.

Uber and Lyft’s presence in healthcare transportation may well prove to be an effective remedy to an ailing community of patients who otherwise would have less accessibility to healthcare appointments and quality outcomes. However, this does not come without the gleaming risk exposure that current and longstanding emergency and non-emergency medical transportation services are faced with on each and every patient transport. Perhaps the most prevalent source of claims faced by these companies are the result of injuries sustained by patients during the loading and unloading phases of the transport. As many of the patients requiring these services have significant physical limitations, this puts the onus on the company to ensure that all employees have been properly trained to perform these tasks. Other sources of claims in this class which may lead to a sustained bodily injury by the patient(s) in transit include but are not limited to collisions with other vehicles or objects, failing to secure or improperly securing a patient to their seat, failing to properly secure wheelchair bound patients, the improper use of chair lifts and potentially leaving patients in extreme or unsafe conditions unattended.

With these risk factors in mind, it will be the responsibility of tech companies like Lyft and Uber and surely many others who follow suit to ensure that they are employing competent, well-trained and vetted employees who are only providing transportation services to patients which are in line with the safety installations of the vehicle they are operating, such as four-point tie downs for wheel chair and stretcher bound patients.

Overall, this industry class will only continue to be relied upon as a necessity in the years to come and it is primarily important for providers in this space to hold its employees to the highest standards of training and risk mitigation. Non-emergency transit appointments have the potential to quickly escalate into emergency transports due to an unexpected change in the patient’s condition along the way which, if not properly handled, can lead to a delay in services that may subsequently lead to a loss of life. It is also crucial for insurance brokers who will be placing coverage for non-emergency medical transit companies to fully understand the risk exposure presented by these companies and ensure that the carrier will not be excluding claims for some of the fundamental services provided, such as loading and unloading.

Insurance and the digital health revolution

Timothy Boyce, US Healthcare Team Leader, CFC

Healthcare is about to change beyond recognition. A host of technologies are uniting to transform the way we treat patients and develop cures – from artificial intelligence to remote patient monitoring and interactive telemedicine services.


According to Rock Health, $1.6bn of funding flowed into the eHealth sector during the first quarter of 2018, exceeding comparable investment marks for the previous two years. The principle driver, deregulation. In the last twelve months we’ve seen the formation of the Chronic Care Act, which will pave the way for greater use of technology in healthcare, and the VETS Act which allows providers to treat veterans across state lines using telehealth. The next segment will be the Opioid Crisis Act, which promises to put an end to a crisis with the assistance of telemedicine, digital pills and analytics tools.


The FDA have also played a key role in the rise of digital healthcare. In their budget for 2019, Scott Gottlieb cited that ‘we’re seeking to advance a new paradigm in the regulation of digital health technology that I believe will allow us to grow this promising field more quickly’. This of course was in reference to their Pre-Cert Pilot Program, which will aim to look at the software and/or digital health technology developer, rather than primarily at the traditional medical product/device. Since then they’ve also approved a ‘trackable’ pill which is linked to a patch and a smartphone to detect medication compliance.


We’ve even seen 450,000 women in England who were not invited for a routine breast cancer screening because of a ‘computer error’.


As the healthcare and technology sectors continue to intertwine, practitioners and companies operating in the digital health space will start to experience a wider range of risks. From misdiagnosis of medical conditions due to the distortion of x-ray images sent using store-and-forward technology, to incorrect readings of glucose monitors leading to patient harm. We’ve even seen 450,000 women in England who were not invited for a routine breast cancer screening because of a ‘computer error’. The risks are present, real and getting harder to predict. A recent study cited that the FDA reported receiving information on 260 incidents with potential for patient harm, including 44 injuries and six deaths, all arising from technology-related healthcare incidents. It was also reported that almost 25% of 176,409 medication errors notified to US Pharmacopeia were technology-related.


So what does this mean for the insurability of practitioners and companies operating in eHealth? Well, in short it becomes problematic. Medical malpractice insurers are rightly concerned about the potential for patient harm arising from technology-related errors, not to mention the lack of credible data to nullify their concerns for it eroding their profit margin. As a result, their policy triggers have stayed eye-wateringly static despite the global rise of technology within healthcare. Technology E&O insurers will only extend to losses arising from ‘technology activities’ and are loathe to offer any form of bodily injury whether it’s on a primary or contingent basis, and cyber insurers, quite simply, explicitly exclude all forms of bodily injury.


A dearth of affirmative coverage is therefore present in the insurance industry for traditional healthcare providers and digital health companies alike. This has already and will continue to lead to grey areas being present within insurance placements. The knock-on effect of this will be finger-pointing between three or more insurers over the proximate causation of the loss: was it a healthcare incident, technology error or cyber event? Absent any case law, and despite the litany of disclaimers, clients will then subsequently be required to pay three different deductibles and may even run the risk of having no coverage whatsoever. The debate will then intensify about who makes the ultimate decision on patient care, the technology or the traditional healthcare provider?


With these sentiments in mind, the insurance industry is on the cusp of a more modernized approach for healthcare providers. As the shift in healthcare delivery continues, it will become increasingly crucial for agents and wholesale brokers to advise their clients of these potential pitfalls in standard insurance policies, and to source bespoke insurance products tailored to meet clients’ refreshed needs and demands.


If you would like to download, print or share this article, you can do so here.


CFC expands cyber proposition for US healthcare providers

CFC expands cyber proposition for US healthcare providersToday we’re pleased to announce the newest version of our cyber insurance product for US healthcare providers. With the latest policy, CFC enhances its combined cover for privacy and operational disruption with industry-specific features to help healthcare organizations prepare for and respond to cyber incidents as well as comply with industry regulations.

“While most healthcare providers are aware of their privacy and data breach exposures, they can easily overlook cover for operational disruption. The unprecedented increase in malware attacks has shown that operational exposures must be addressed – in fact, we’re now seeing the costs of operational disruption and rebuilding far exceed what a large-scale privacy breach might cost the same entity,” said CFC Cyber Product Leader, James Burns. “Our stand-alone cyber product for the US healthcare sector is tailored to their unique risks, helping limit the impact of a cyber incident on their organization.”

CFC’s latest cyber insurance product addresses the exposures and regulatory requirements unique to US healthcare organizations and ensures that core elements of cover are available each time a crisis strikes, even if a policyholder experiences multiple cyber incidents in the same policy period.

Unlike most cyber insurance products, CFC’s cyber policies offer the provision of first party cover on an “each and every claim” basis and don’t restrict policyholders with policy aggregates. Additionally, CFC’s cyber offering for US healthcare providers is one of the only available cyber products to include cover for HIPAA corrective action plans and cover for bodily injury resulting from a cyber attack alongside cover for the costs associated with improving risk management controls following a breach, system repair costs and incident response costs in addition to the limit.

Burns adds: “CFC offers a market-leading cyber insurance product backed by a global response capability which ensures our policyholders not only have comprehensive cover, but that they can recover quickly from cyber incidents.”

CFC has the largest dedicated cyber underwriting and claims team in the London market. Learn more about CFC’s Cyber for Healthcare insurance offering, or read the CFC cyber blog.

CFC launches new insurance solution for US-based eHealth companies

Medical technology concept. Electronic medical record.Specialist lines underwriting agency, CFC Underwriting, today announces the launch of a brand new insurance solution for US companies and individual practitioners who provide telemedicine and other eHealth services.

In what is believed to be a first for this industry sector, CFC’s new policy provides affirmative coverage for bodily injury arising from both the advice companies and practitioners provide as well as bodily injury arising from technology failures and cyber incidents.

Timothy Boyce, CFC’s US Healthcare Team Leader, says: “Practitioners and companies operating in the eHealth space often bridge both the healthcare and technology sector meaning that they are open to a wide range of risks. In particular, as technology advancements continue to play a more crucial role in how healthcare is delivered, monitored and addressed, the potential problems these companies face from cyber events and system outages is very real. That’s why we’ve developed a policy which truly addresses the eHealth industry’s unique risk profile.”

CFC has tailored cyber and privacy cover in this new policy to address eHealth companies’ specific cyber exposures. As well as a separate section for extortion to address the growing threat of ransomware, CFC’s policy also covers HIPAA-related fines, penalties and resolution agreements. Cyber incident response services are offered with a nil deductible as standard.

Other features of the new offering include automatic coverage for physicians and practitioners, a separate section for technology E&O, breach of contract cover, and failure to perform cover for wearables and self-monitoring healthcare devices that have been manufactured or distributed by the insured.

CFC launches dedicated cyber policy for US healthcare providers

CFC launches dedicated cyber policy for US healthcare providers14 Jul 15: Specialist lines underwriting agency, CFC, has extended its cyber product suite with the launch of a new policy developed specifically for US healthcare providers.

CFC’s Cyber Practice Leader, Vicky Paxton, says: “Healthcare companies have arguably become the largest target of hackers due to the vast amounts of highly sensitive data that they work with and store. To make matters more complicated, there is rigorous legislation surrounding the protection of this patient data, opening companies up to regulatory fines and investigations if they suffer a breach.”

She continues: “All of this means that healthcare companies have a unique risk profile that most standard cyber policies fail to cater for. With CFC’s experience in both healthcare and cyber, we thought it was a great opportunity to develop a policy for these companies that is truly fit for purpose.”

Innovative features of this new policy include cover for HIPAA corrective action plans, cover for bodily injury resulting from a cyber attack, cover for the costs associated with improving risk management controls in the period following a breach, and unlimited retroactive cover.

This is the first in a suite of cyber policies that CFC is creating for specific industry sectors and further new products will be introduced in the coming months.