By Rick D’Angelo

Disability insurance is very valuable and important for you to have. These are the top three questions we get asked about disability insurance on a regular basis.

Do I need disability insurance? Is there a difference between carriers? How long should I wait until I get disability insurance?

We buy insurance to protect many assets, our homes, cars and boats. Disability insurance is the only insurance that will protect your greatest asset, the ability to earn an income. Disability insurance will make sure that you and your family will not be financially devastated in the event of an accident or illness. As a dentist, the odds of becoming disabled in your career are one in four. Most of us think of a disability being caused by an accident, but the fact is that 90 percent of all disability claims are caused by illness or disease. You have worked too hard and had too much training to not have a disability policy.

There are several carriers that offer a disability policy. However, not every policy is equal. Sitting with your agent and reading the contract is extremely important. The disability contract, and the definition of disability, tells the policy when to pay, how much to pay and for how long to pay for. There are different definitions of disability and knowing which definition you have is a must. If disabled and unable to practice dentistry, you want a definition that would allow you to work in another profession, or even teach dentistry, yet still consider you disabled and pay you your full benefit. Too often we see policies that have additional wording that prevents you from working at all or stops paying your benefit much quicker than it should. You should review your policy with an expert to make sure the policy is right for you.

Waiting until you have your own practice or making a “better” income could be too late to get disability insurance. Getting it sooner rather than later only works in your favor. Like other insurances, disability is based on age, health and overall insurability. As we are younger, we typically see quicker underwriting and more favorable rates. Does this mean if you don’t get disability insurance right out of dental school you have missed your opportunity? Absolutely not! It is always a good idea at any age to see if disability insurance is still an option for you.

Just like any financial vehicle, disability insurance is there to assist you in achieving your goals. Speak to a disability specialist with FDA Services today.

By Leeann Nicolo with Coalition Inc.

Traditional cyber insurance protects businesses from the impact of a cyber breach after it occurs. However, what if cyber coverage could actually help reduce the risk of an attack before it happens? 

As cyber incidents increase across the globe — cyber claims severity rose 56% for small businesses last year — reducing the risk of an attack proactively is critical to reducing overall business risk. 

Enter: Coalition’s Incident Response (CIR). 

Driven by a team of technical experts, incident responders, forensic specialists, and security engineers, Coalition provides security across the lifecycle of a business, elevating the ability to respond to bad actors, including a security support center to help prevent attacks before they happen — and respond more effectively if they do.

From ransomware to reputational impacts, CIR solved 46% of incidents reported to Coalition last year —  without additional costs or using up policyholder deductibles. Even more consequential, CIR helped many policyholders prevent cyber incidents last year, as Coalition’s insureds experience less than one-third the frequency of claims compared to the broader cyber insurance market (based on 2020 and 2021 National Association of Insurance Commissioners [NAIC] report data).

The incident timeline: investigate, remediate, communicate

When a cyber incident does occur, policyholders should be encouraged to report the incident to their insurance provider immediately. 

Reporting an incident gets the ball rolling and alerts all necessary vendors and experts to mobilize, with the goal of reducing the overall impact of the incident. Coalition’s Claims team responds immediately to help determine what services to activate, from forensics specialists to a breach coach, and/or a PR firm to manage crisis communications. 

The Coalition team will walk an insured through an investigation and remediation of the incident, while also working on all points of critical communication simultaneously. Here’s the Coalition Incident Response timeline as seen through an investigate-remediate-communicate lens: 

1. Investigate what happened, to determine the tactics and techniques used by the threat actor during the incident. Building off of the insured’s Active Risk Assessment — a scan of how the insured’s network is seen on the dark web, so all vulnerabilities are visible — CIR collects and analyzes forensic artifacts and system logs to dive into what vulnerabilities may have enabled the incident and how the business can react to protect itself. This includes determining if the business has available backups and utilizing tools to have oversight and block the threat actors from gaining more access. Were any previous vulnerabilities noted and not patched? Were all the potential protections implemented in good time? While Coalition’s in-house team leads the investigation of the cyber incident, based on its complexity, third-party specialists could be also called in to supplement Coalition’s expertise. 

2. Remediate for both the short- and long term. While remediation steps are informed by the investigation, this step happens alongside the investigation. The goal here is to act quickly in order to minimize the damage. CIR recommendations will be based on what is known and learned about the business, as well as on protection implementations recommended to them during earlier stages of the Active Insurance life cycle.  For example, if the business has viable backups in place for all of their critical data, CIR can guide the business through a process that avoids interacting with the bad actor and gets them back online more quickly. As a general rule of thumb, offline backups offer the greatest chance of survival during a cyber incident, because they’re unreachable to the threat actor. Online backups are often also seized or locked up by the threat actors along with your network. The CIR team guides insureds through the entire process of restoring from backup, from negotiation, to testing encrypted data, and finally (if necessary) paying the threat actors for a decryption key to regain control of the network. Remediation is also a time during which CIR will make network recommendations for the future. These may include: 
   • Multi-factor authentication (MFA), the electronic authentication of two or more pieces of evidence in order to be granted access to a website or application 
   • Endpoint detection response (EDR), software installed on all servers and endpoints, designed to stop ransomware and identify unusual behavior in an application
   • Network segmentation, a strategy that provides limited network access to employees, based on job qualifications, tasks or seniority. This helps businesses reduce network access. 

3. Communicate the technical details. CIR will act as the business’s technical expert during the incident’s communication process. This includes communicating with the bad actors if necessary, but also providing the appropriate technical detail to include in internal and external communications about the incident.  For example, depending on the regulatory laws in effect in the states in which the business operates, CIR will provide guidance on what needs to be communicated to anyone with breached data. CIR can also work with the policyholder to provide an accurate understanding of how much the claim will cost based on the remediation necessary and forensic investigation that took place.

Very often during and after a cyber incident, it’s important to engage a special public relations firm that deals with cyber incidents and their crisis communications needs. Coalition’s cyber coverage includes this service, and such a team is engaged if necessary by the CIR team as well. 

Coalition Incident Response is active

Coalition’s Active Insurance goes beyond a cyber insurance standard, playing an integrated role in your business’ cybersecurity across its lifecycle. It’s like combining the safety features of a vehicle — reverse backup sensors or automatic braking — with the post-accident coverage. 

Coalition’s Active Insurance approach consists of Active Risk Assessment, which takes place before the policy is written, Active Protection during the policyholder period, and Active Response, a post-breach response. All three phases of this lifecycle provide a continuous feedback loop of the business’ current risk level and vulnerabilities.

To report a cyber incident, Coalition policyholders can reach CIR here.

To learn more about Active Insurance, download the Coalition Active Insurance eBook.

Reprinted from Coalition Inc. Visit coalitioninc.com/blog to view the rest of the content on Coalition’s blog.

By Nicole Franklin, MS, CPHRM, Patient Safety Risk Manager II, The Doctors Company                     

The way we communicate has changed dramatically over the years. Even with the introduction of technology-based communications, such as social networking sites, telemedicine, and texting, the telephone call is still the most widely used communication tool between health care providers and patients. Telephone conversations can, however, present difficulties and may be inherently deceptive if both parties lack the ability to observe nonverbal communication (for example, facial expressions, eye contact, and gestures) that clarify and qualify what the voice is expressing.

When casually or carelessly conducted, telephone communications can lead to diagnostic errors and misunderstandings.

Telephone Communication with Patients

Creating comprehensive, clear guidelines for telephone encounters with patients is critical in mitigating risk. Establish practice guidelines and ensure that all office and clinical staff are trained on their roles in communicating with patients by telephone. Protect yourself from potential liability by following these general practices:

• Smile when greeting patients. Research has shown that people are able to tell if you are smiling by the tone of your voice. Warmly express to patients that you are happy to speak with them today. This interaction may be the first impression that a patient has of the practice or the staff, and it is a factor in patient satisfaction.
• Triage and refer all critical calls to emergency services. Examples of critical calls include abdominal or chest pain, fever of unknown origin, high fever lasting more than 48 hours, convulsion, vaginal bleeding, head injury, dyspnea, casts that are too tight, visual alterations, and the onset of labor. For more information on this topic, read our article, “Telephone Triage and Medical Advice Protocols.”
• Obtain as much information as possible about the patient’s presenting complaint, medical and surgical history, current medications, and allergies to help you arrive at an accurate appraisal of the patient’s condition. Listen carefully and allow the caller both the time and opportunity to ask questions.
• Speak to patients clearly and slowly, and enunciate carefully. Use easy-to-understand language that avoids medical terminology.
• Obtain the services of an interpreter if you encounter a language difficulty. Follow the Americans with Disabilities Act (AwDA) requirements for patients using telephone auxiliary aids or services, including interpreters. For more information, see “AwDA Requirements: Effective Communication.”
• Avoid distractions, such as checking email or attending to other duties, when speaking with patients. Drowsiness, fatigue, or distraction on the part of either party can affect the ability to communicate effectively.
• Adhere to HIPAA rules and regulations to maintain patient privacy when communicating over the telephone, both inside and outside the office. Use a low voice when discussing protected health information, and implement reasonable safeguards to avoid disclosing information to others not involved in the patient’s care.
• Develop written protocols for front office/unlicensed personnel to help them respond to patient questions and concerns. An unlicensed individual cannot provide medical or dental advice. Clinical/licensed individuals answering patient calls cannot exceed their scope of practice.
• Prescribe or advise by telephone only when you have reviewed the patient’s allergies, medications, and medical and surgical history. If providing new instructions to the patient, such as changing a medication dosage, ensure understanding by asking the patient to repeat back the instructions to you. Document the patient’s understanding in the medical or dental record. For more information on this topic, read our article “Rx for Patient Safety: Use Ask Me 3 to Improve Patient Engagement and Communication.”
• Accept a third party’s description of a medical or dental condition only when you have confidence in that person’s competence to describe what he or she sees. If descriptions are unclear, the patient may require an office visit.
• Make prompt referrals if the patient’s call concerns a medical or dental problem that is outside your expertise. Proactively track the consultation and expected report, and follow up with the referred provider and patient.
• Confirm that pharmacists understand all dosages and instructions for drug prescriptions given by telephone. Spell out any similar drug names and use individual numbers for dosages, such as “five zero” for 50. Include the reason for the use of the drug. Insist that pharmacists repeat information back to you. Do the same with facility personnel who take your telephone orders. A safer approach is to use electronic prescribing or fax the medication order.
• Verify and document the patient’s adherence with telephone advice through a follow-up contact to ensure continuity of care.

Documentation

Disagreements about what was said during telephone conversations can be a major problem in professional malpractice cases. Follow these documentation processes to mitigate this risk:

• Document all patient telephone conversations in the medical or dental record—including those received and returned after hours. Include the date and time of each contact and when follow-up is completed.
• Record all details immediately about the information you received, what you advised, and the orders you gave. This action is especially important when a telephone call occurs after office hours or on a weekend.
• Implement an office process for calls received during office hours. Office staff should tell the caller when the provider is most likely to return the call. Include tracking and follow-up to ensure that the caller’s questions and problems are resolved and documented.
• Document a patient’s hospital medical record with telephone conversations about the hospitalized patient—including any conversations with nurses or other providers.

Effective telephone communication and its documentation are vitally important in preventing and defending litigation. For additional risk reduction strategies see our telehealth resources and our article “Smartphones, Texts, and HIPAA: Strategies to Protect Patient Privacy.”

For further assistance, contact the Department of Patient Safety and Risk Management at 800.421.2368 or by email.

---

The guidelines suggested here are not rules, do not constitute legal advice, and do not ensure a successful outcome. The ultimate decision regarding the appropriateness of any treatment must be made by each health care provider considering the circumstances of the individual situation and in accordance with the laws of the jurisdiction in which the care is rendered.

This blog was reprinted by permission from The Doctors Company and was originally posted in December 2021.