E & O Insurance

Since an E&O insurer cannot gauge the risk nor police the degree to which a broker is compliant with the privacy and security rules they will not insure it.

So to put it another way your firm is naked from a risk management perspective in terms of its insurance cover.

HIPAA HITECH is not some toothless DOL or ERISA law nor the HIPAA of 2003. WHY?

What is your risk? Let’s start with your reputational risk alone.

The last time that any of us heard the word “tattle tale” was probably in grade school but with HIPAA HITECH it is joining the lexicon of the healthcare and employee benefits worlds.

 So now every person in your own organization, the carriers or former staff could have a field day at your expense…and your E & O won’t pay a penny in your defense.

Are you paying attention now?



Penalty Fees



Maximum per Year

Tier A – Did not Know

$100.00 $25,000.00

Tier B – Reasonable cause, not willful neglect   

$1,000.00 $100,000.00

Tier C – “Willful Neglect”, corrected

$10,000.00 $250,000.00

Tier D – “Willful Neglect”, uncorrected

$50,000.00         $1,500,000.00

So your organization’s only defense against HIPAA HITECH penalties and reputational risk is to get compliant, stay compliant and be sure to encrypt your email when transmitting PHI.