Cyber security insurance- What is it and why do I need it?

What is cyber security insurance?

Does your business maintain electronic records with personal data on your clients?  Is your company prepared to absorb the significant financial implications associated with an unauthorized breach of that data?  Could a virus cripple your PC network?  If so, do you have enough cash reserves to make up for the downtime or can you survive the loss of buisness.

If you can’t answer any of these questions, it may be the right time to call us and ask about cyber security insurance.  In case you’re wondering, that’s a catch-all term for policies that cover hacked computers, virus attacks, denial-of-service attacks, web content liability and other technology-related areas.    Cyber security also goes by e-commerce, e-buisness, information security, cyber risk, network security or hackers insurance.

As a business owner, you know that electronic records and data are just as valuable, if not more valuable, than paper or hard-copy documents. Although not physical in nature, electronic data is nonetheless “essential” in all aspects of your business activities and has intrinsic value.

Cyber security insurance is designed for the protection of intangible data.  It can be easily explained as coverage for professional errors and the risks of doing a business on the Internet or working with a network system.  If you are automated, then you are susceptible to the threat of a breach of your systems, yoru data and your trust.  Anyone who is running a business (or someone who is just starting out) really needs to consider this coverage as much as they would consider any other aspect of their business insurance needs.

Why should I consider cyber security insurance for my business?

Here are a few examples of why you need and should consider cyber security insurance:

• Costs you could incur to make the proper mandatory notifications to your customers if a breach in your system occurs. Many states have mandatory notifications requirements which require business owners to properly notify their customers when a security breach has occurred.  Some states also require these business owners to provide their customers with free credit reports for a year, which can become quite costly.
• Misuse of any information, which is either confidential or subject to statutory restrictions on its use. Do you have any personal or confidential data on your system that a hacker would want and could gain unauthorized access too?
• Defamation. You, as a company, have a direct responsibility for what is on your website.  Companies also can be held responsible for their employees’ e-mail content.
• Transmission of a virus.  Did you know that a company could be held liable if a third party contracts a virus from your company’s website or e-mail, and as a result, that third party suffers a loss as a direct result of that virus?
• Legal costs incurred in the defense action for loss.  Don’t forget about the costs involved just to defend a company when a third party accuses or sues because of the harm or lost revenue caused to their company by your systems breach.

 Is there anything else I can do to reduce my cyber security risk exposure?

You can reduce your risk by:

• installing audit features that monitor log on and log off activities;
• providing warnings that unauthorized users may be subject to monitoring and prosecution;
• developing and implementing a trap and tracing mechanism with your local telephone company;
• implementing systems that identify outside callers;
• reporting significant security breaches to relevant governmental agencies;
• implementing policies and guidelines regarding the use of computing and information;
• encouraging employees to use encryption technologies, if appropriate. and
• implementing security upgrades when they become available.

Some states require you to notify each individual that has been affected due to a breach of your data.  Small- to medium-sized businesses represent prime attack targets for many hackers, who favor highly automated, repeatable attacks against these more vulnerable targets.

What does a cyber security policy usually include?

• Legal liability for damages to third parties, caused by a breach of network security;
• coverage for loss caused by an administrative or operational error;
• breach of privacy coverage for damages resulting from alleged violations of HIPAA, state and federal privacy protection laws and regulations;
• customer notification expense reimbursement (policy sublimit will be set);
• public relations expense coverage;
• comprehensive business interruption expense coverage; and
• cyber extortion reimbursement coverage.

Call us for further details

Adding a New Physician to Your Practice

Valued customers,

We’ve stumbled across an interesting advice article by Judy Capko and decided to share.

Some practices are struggling with meeting patient demands. There is a real shortage of physicians in a number of specialties; and this can tax many practices, making it difficult to meet and/or manage demand. The problem becomes more pressing if there are senior physicians in your practice who plan to reduce their hours or retire in the next year or so.

A natural solution is to recruit for young physicians just coming out of training. The recruitment process may seem fairly clear — seek the help of a professional recruiter or your hospital to help you recruit a physician, and determine a competitive pay rate. Then go through the typical interview process to see if the needs of the physician are reasonable and the package you offer has appeal. However it is a good idea to keep the following points in mind:

It’s a matter of fit. Assuring a good fit is the most challenging aspect of recruiting, because you really don’t know each other until you start working together. Let’s take a look at what it takes to bring in a new physician, make a smooth transition, and help “Dr. Newbie” succeed.

First of all, think about what you want in a new physician. Perhaps your specialty has changed in recent years and there are some procedures your existing physicians have not been trained to perform. If there is a need in your community, it would make sense to seek a new physician who has not only learned how to perform these procedures, but enjoys doing them — which will add a new revenue source to your practice. So it is smart to define what you want in a physician and what your expectations are in terms of workload. Then develop a job description that makes these things clear. Use these tools to measure candidates’ fit with your practice and to give them an understanding of the job responsibilities.

Share your practice philosophy. This begins with discussing your practice’s mission and vision for the future, and what drives the physician owners. Are they more interested in being a leader in their specialty and focusing on staying up with changing times, or do they want to preserve the quality of life and have more time off to spend with family and dedicate to personal pursuits? Some physicians are even reinventing their practice, looking for ways to create a stronger economic position. They may have plans to become bigger and more forceful in the community by buying up ailing practices, expanding into outlying areas, or adding a broad line of services that aren’t typical of their specialty. It would be important to share this information with a physician who is considering joining the practice.

Manage the transition. Once you make a decision and select a new physician to join you it is important to allow plenty of planning time. There is much to be accomplished to make a smooth transition and it will involve both management and staff. This includes everything from credentialing the new physician to announcing her arrival to making sure there is adequate staff and space to accommodate the new doctor. Also, the physician will need to be trained in advance on using the computer system; time allotments for seeing both new and established patients; and managing workflow — including how much lag time is acceptable for documenting a patient’s visit or responding to a patient’s phone call. It’s important that Dr. Newbie knows how many patients you expect him to see in a day, and how long it should take him to reach this benchmark.

Spread the word. Then there is marketing, which is not an insignificant matter. The old days where Dr. Newbie met all the referring physicians at the hospital don’t exist anymore. So many hospitalists are managing inpatient care and many physicians do not have offices in professional buildings on the hospital campus, but are scattered through the community. This makes it more challenging to meet the physicians who will be important in growing a strong patient base. Also, there is a growing trend of referrals coming directly from other patients by word-of-mouth and patients self-referring by looking up physicians who participate with their insurance plan.

Market visibility, practice support, and the new physician’s own appeal will determine how quickly she fits into the community and grows a healthy patient base. The smart practice will prepare a marketing plan and budget for the finances essential to help Dr. Newbie create a desirable presence. This includes offering community lectures, personal meetings with potential referring sources, and actively being involved in the medical community. Dr. Newbie will need to have time to pursue these activities and the practice will need to dedicate time and funds for marketing and promotion, starting with a professional marketing plan.

Have a plan. A creative marketing plan will not only examine the demographics and define the ideal target market, it will provide specific strategies that can be executed and measured. Too often practices do not pay enough attention to the importance of marketing. Doing it right means hiring a consultant who specializes in marketing. This will provide the practice and Dr. Newbie with the support and expertise to get on track and stay on track, by promoting the practice and growing a desired patient base. There really isn’t a better way to give Dr. Newbie the tools to succeed and make your practice a front-runner in the community.

 

Good Luck,

Professional Protective Alliance

Workers’ compensation insurance penalties in New Jersey

New Jersey’s worker’s compensation statuses were amended on October 2008 by a series of bills signed by then-Gov. John Corzine, which intended to strengthen the system and set penalties that can levied levied against participants who run afoul of the systems requirements.

What are the requirements?

An employee in new Jersey must satisfy its obligations to injured employees under the Worker’s Compensation Law either by purchasing an insurance policy or by obtaining authorization to self insure by fulfilling certain filing requirements.

What exactly does this law do?

For starters, this statute makes an employer who fails to provide the protection prescribed by law  guilty of a disorderly person’s offense.  If the employer knowingly fails to provide insurance, the employer shall be guilty of a crime of the fourth degree.  The penalty for these crimes is a criminal conviction!  A disorderly person’s offense does not require a formal indictment and is less serious than a misdemeanor, however, someone convicted can face a fie up to $1,000 and six months in jail!  A fourth-degree crime is more serious yet- it is not a violation, but a crime in the same class as reckless endangerment and aggravated assault.  A conviction of a fourth-degree crime can subject someone to a $10,000 fine and 18-months imprisonment.

What if you don’t own the corporation, are you still responsible for making sure the insurance is being provided?

Maybe.  Where the employer is a corporation, any officer who is actively engaged in the corporate business such as the president, vice president, secretary and treasurer can be liable for failure to provide the required insurance coverage.

Any other stiff penalties you need to look out for?

Yes, there are noncompliance money penalties that grow larger with the time you remain out of compliance with the law. If the division of Worker’s Compensation finds that an employer has failed, for a period of more than 10 consecutive days, to make provision for compensation payments as required by law, the division shall impose a penalty of up to $5,000 and, if the period exceeds 10 days, an additional penalty of up to $5,000 for each subsequent period of 10 days will be imposed.

New Jersey is really serious about making sure workers are protected.  You as the employer will end up paying for an injured worker.  The employer is responsible financially for the worker’s benefits.

PIANJ elects board of directors

PROFESSIONAL INSURANCE AGENTS New Jersey- PIANJ- Has elected insurance producers from around the state to it’s board of directors. These individuals will be serving a 3 year terms, expiring in 2015.

We are proud to announce our president, Steven Radespiel, is among the seven elected!