As more and more Canadians take advantage of virtual healthcare options during the COVID-19 pandemic, brokers and insurers need to make sure their clients have adequate insurance protection for this emerging risk.
The move to medical consultations by video or phone rather than in-person visits brings various insurance implications. This includes the risk of cyberattacks, traditional policies that may not cover technology-related healthcare, and medical board action or licensing issues in provincial jurisdictions, said Tim Boyce, healthcare team leader with London, U.K.-based CFC Underwriting.
According to figures published in June by the Canadian Medical Association (CMA), 47% of Canadians accessed some form of virtual care during the pandemic. The CMA also wants to see virtual care expand once the crisis is over.
Cyberattacks are a major concern for the sector, given the fact that the majority of healthcare providers — whether traditional or telemedicine — are still uninsured for cyberattacks, Boyce said in an interview Sept. 15. “Ultimately, they are going to be left to pick up the tab from the attacks.”
The rapid adoption and onboarding of telemedicine due to the COVID-19 pandemic leaves both healthcare provider and patient data at risk. Ransomware attacks are an obvious threat. “With many industries, you can carry on without technology, but with healthcare, there could be repercussions if a patient can’t be treated, especially if they can’t get their repeat prescriptions,” Boyce said.
“We’ve seen a lot of traditional providers struggling to adhere to basic compliance requirements and many traditional healthcare providers don’t really have physical cybersecurity in place,” he said. “They probably don’t understand the safeguards to protect patient information during a consultation at home when they’re offering it electronically.”
For example, if a doctor is offering a consultation to a patient in their own home, the patient could have children or their partner in the background and that could constitute a privacy breach. And while healthcare systems have been rolled out electronically, they may have also neglected security in the process, making them a greater target for cyberattacks.
To secure the right protection for their clients, brokers should ensure clients have cyber insurance that is adequate for the services these healthcare clients are delivering. Another threat is that traditional healthcare medical malpractice policies are not really fit for purpose, especially for companies offering their services electronically, Boyce said. “Brokers and certain insurers need to have a greater focus on their renewals to reassess whether or not the correct coverage is in place so things like, ‘Will it affirmatively extend to any area that arises out of technology activities or cyber events as well?’”
Boyce said CFC has noticed a huge trend of brokers coming and asking the insurer to reassess clients’ insurance to see whether it is appropriate or if a bespoke solution is needed. “Many domestic insurers in Canada are still reluctant to want to affirmatively extend to telemedicine services because of the unproven track record,” he added.
Another trend is board action or licensing issues or complaints about providers. “We talk about this in relation to privacy, but what about in relation to the quality of care being delivered?” Boyce asked.
One of the big issues with telehealth is the quality of care is “somewhat lower electronically as opposed to in-person,” Boyce said. “We’ve already noticed … providers being subjected to board action or licensing issues in provincial laws and jurisdictions. Often these incurred large costs to insureds and freezes their license in the event they haven’t been adhering to their licensing requirements.”
While CFC’s policy affirmatively extends coverage, not a lot of policies would because it’s an emerging trend, Boyce said.
“It’s certainly going to take a reassessment of certain people’s terms, policy and conditions to ensure they have the right solution going forward.”