Technology advancements have allowed the number of Canadian physicians providing remote care to skyrocket. This is great news for patients, but when faults arise, this can blur the lines as to who is responsible.

The increased usability and adoption of digital tools such as AI, telehealth and remote patient monitoring has been a complete game changer for the healthcare industry. Physicians can treat patients remotely, wherever they are, meaning less time, money, and stress.

Cover for physicians & surgeons by the Canadian Medical Protective Association (CMPA)

Physicians providing in-person care to patients residing in Canada are eligible for assistance from the Canadian Medical Protective Association (CMPA); which provides medico-legal advice and assistance.

If eligible for CMPA cover, there are no financial limits to the legal assistance given to members or to the damages paid to patients.

Where the lines blur

However, when conducting digital care, or via telehealth the lines begin to blur as to how the CMPA applies.

The CMPA cover does not generally extend to Canadian physicians residing abroad, and these members have previously found it difficult to find another suitable insurer to provide the professional liability cover they require.

Not having the necessary cover invalidates a member’s practice permit, creating an extremely serious issue.

The CMPA accepts that physicians or patients who are out of the country on a short-term basis need to engage with each other e.g., on holiday or during an emergency. But also states it is not set up to assist with medico-legal problems and legal actions that arise outside of Canada, or that result from care given outside of Canada.

In these situations, where a claim arises out of telehealth care given remotely, the CMPA will consider giving assistance, but on a case-by-case basis.

Non-Canadian residents who receive treatment also have to meet a multitude of criteria before the CMPA cover will respond.

This ambiguous cover leaves practitioners unclear as to the level of cover they have, and the help that is available to them.

Clarity in cover

As technological capabilities extend, exposures can increase, especially when care is given outside a practitioner’s jurisdiction. Healthcare providers will need to protect themselves in the event the CMPA coverage does not apply due to any of the above circumstances.

CFC can help to create peace of mind with the ‘wrap around’ intention of their digital healthcare form that encompasses anything which would traditionally fall outside the CMPA cover, with respect to telehealth. This provides comfort to physicians that wherever, and however, they deliver healthcare services they will be covered.

Understanding exactly when their liability cover will respond, and having confidence in the protection in place, will enable physicians to focus on treating their patients – wherever either party is located.

Source: www.cfcunderwriting.com

Risk reports and vulnerability scans can only tell you so much about the level of security across a network. Often having insufficient reach, these overviews can be misleading and result in a far more positive picture than what’s really going on under the hood.

Taking a lead from pioneering pollster George Gallup, who made his name almost 100 years ago by proving that quantity is a distant second to quality when it comes to the value of data.

Gallup surveyed 3,000 people ahead of the 1936 US election. He forecast a win for democrat candidate Franklin D Roosevelt, despite a Literary Digest survey that had canvassed 2.5 million people and predicted a republican landslide.

Gallup was correct and Literary Digest – its credibility shot – was out of business within 18 months.

Data quality

So, how does this relate to cyber insurance? Well, the point is that across the cyber market, vulnerability scans are being given too much weight, first as a measure of an organization’s cyber security, and second as an indicator of their likelihood to have a cyber claim.

Vulnerability scans or risk reports, aim to identify your internet-facing assets and any insecurities they have. Initially, they were used as a means to highlight potential problems and to suggest remedies. This was a good thing. But more recently they’re being used as de facto assessments of a businesses online security rating.

The problem is that these scans or reports produce data that is often limited. For example, they should locate internet-facing servers and identify the software running, but they’re unlikely to pick up all the services, especially those outsourced to third-party cloud providers.

Nor can these scans see inside your network therefore can’t assess the internal safeguards and protocols that may or may not be in place. In short, they’re seeking to provide a definitive assessment of your cyber security credentials on limited data. And that’s not a good basis on which to assess cyber security or to try and predict future attacks.

The good news is that huge strides are being made in the area of threat intelligence, with CFC leading they way, which does offer the ability to prevent attacks and make effective forecasts on likely cyber claim events.

Threat intelligence

While a vulnerability scan provides a survey of an organization’s internet-facing assets, threat intelligence builds up a dynamic picture of the attacks to which your organization is most susceptible.

CFC has established close working relationships with government bodies, law enforcement agencies, private sector organizations and our own proprietary sources. This network gives them access to the online platforms and markets used by criminals to trade data and exchange information.

Their network provides details of companies that have been compromised. It offers information on what’s been stolen and where backdoors have been left open on a system. Is this company on a threat actor’s list? Have their passwords been traded online?

Access to this type of information allows them to be very certain about the likelihood of an organization coming under attack and allows the threat analysis team to be definite about the actions they take to shore up defenses and to keep that system safe.

Cyber criminals are extremely dynamic and continually change both their point and method of attack. Understanding how attacks are evolving and uncovering where they’re likely to be targeted makes it possible to take swift and effective preventative action.

Just as George Gallup discovered in the 1930s, it’s the quality of your data that determines its value. The number of attacks prevented by CFC’s threat intelligence service is beginning to tell its own story on the scale of that value.

Source: www.cfcunderwriting.com

Nestlé, Clorox and Unilever all made headlines due to recall incidents. What are some key takeaways for small businesses?

Product recall events can span across a wide range of industries due to errors in processing, contaminated ingredients, faulty machinery or accidental human errors. In the last month alone, we’ve seen no less than three high profile food and beverage and consumer goods recall incidents from leading global brands.

Less than a week ago, Nestlé USA issued a recall on its chocolate chip cookie dough over potential presence of foreign material in the form of soft plastic film within the product. This comes less than a month after a recall of the fudge flavor cookie dough for another foreign body issue.

In the same month, British multinational consumer brand Unilever recalled 19 aerosol dry shampoos from brands including TRESemme, Suave and Dove. This was due to elevated levels of benzene – a chemical that can cause leukemia and blood cancers through skin contact.

Clorox similarly recalled 37 million units of scented surface cleaners and all-purpose cleaners containing bacteria which could pose a risk of infection for people with weakened immune systems. Customers were asked to apply for a reimbursement online.

All manufacturers have product recall exposures, and multinational corporations like Nestlé and Unilever are no strangers to recall incidents. In fact, product recall incidents are more common than not. In Q1 of 2022, the US hit a 10-year record high with over 900 million units of recalled goods across all industries. Studies show both frequency and severity of recalls are on the rise due to the ongoing supply chain issues and cost of living crisis.

It’s important to keep in mind that recall costs – such as the cost of getting the goods off shelves or back from customers – only make up a small percentage of the average loss. When an error or fault is discovered during production, investigations must take place to determine the reason.

Ultimately, recalls of any kind impact cash flow. Smaller businesses often have less financial leverage and are therefore more vulnerable to damage to brand reputation and loss of sales. In many cases, there will also be rectification costs to re-manufacture the products, clean down and repair of the production lines, and re-design the manufacturing process.

They can be one step closer to preventing a crisis by creating recall plans, crisis management plans and conducting mock recalls that are well laid out and frequently tested and ensuring business continuity and balance sheet protection with a product recall policy.

Source: www.cfcunderwriting.com