Licensing Isn’t The Only Way To Determine If A Company Is A Cannabis Account

We recently read an article written by Erich Bublitz from Admiral insurance company, that we thought was great information to share. Read below as he discusses medical malpractice licensing for the cannabis industry.

As the cannabis industry continues to expand its understanding of the need for insurance, it is becoming more important for the insurance industry to understand the complexity surrounding the licensing of cannabis companies. Not everything that is a cannabis company needs to be licensed, and some cannabis companies that need to be licensed are not. Clear as mud, right? If we, as an industry, do not develop a deeper understanding of these licensing complexities, we may not be providing the proper coverage needed to protect our cannabis industry customers. We may also unknowingly cover entities that are actually cannabis companies.

Due to the illegality of marijuana at a federal level, some of the tax benefits afforded to other industries are not afforded to the cannabis industry. Cannabis companies, recognizing this, have structured their operations to address and alleviate these challenges. The result is that some companies are truly cannabis operations even though they are not licensed entities. A single cannabis operation often will create three separate companies:

  • The cannabis company that holds a license from the state has possession of the marijuana, and transacts marijuana sales.
  • A real estate holding company that owns the real estate thus allowing the company to obtain tax benefits of real estate much as a non-cannabis company would.
  • A management company, which incurs the expenses related to the cannabis company, thus making those expenses deductible as they are not related to cannabis.

While only the licensed entity is technically a cannabis operation, the other two companies (real estate & management) should also be viewed as cannabis companies. The coverage for those two companies may be in jeopardy should a claim arise and the carrier is unaware of their cannabis affiliation.

The impact of licensing goes beyond the structure cannabis companies have established to obtain tax benefits. “White labeling” operations are common in the cannabis industry. This is when a licensed company manufactures a brand owned by an unlicensed company or a company licensed in another state. A company with a brand of products (edibles, concentrates, or flowers, etc.) that is popular in one state may wish to sell their brand in another state. The manufacturer may run into challenges and find that they either cannot be licensed or it is cost prohibitive to be licensed in another state. This may lead them to contract with a licensed processor in the state in which they wish to expand. With this comes complexity as to who should be licensed and whether or not the relationship is properly designed to meet regulatory requirements. With this business structure, an unlicensed company may need insurance. While unlicensed, they may have a product liability exposure just as they would if they were licensed.

While licensing isn’t always clear, what is clear is that cannabis related exposures are not exclusive to entities requiring a license. It is important that the right coverage is put in place for companies that may not be licensed, but for all intents and purposes, are cannabis companies with similar exposures.


Key Reasons Why Product Liability Coverage Is Particularly Important for Cannabis Dispensaries

While most retailers understand the need for liability insurance that covers them if someone has an accident on the premises, many don’t fully understand the importance of product liability insurance for dispensaries. We have a carrier that offers Cannabis Insurance for cultivators, processors, wholesalers, and dispensaries in states where cannabis has been legalized for medicinal or recreational use.

Failing to understand the nuances and unique services of the Cannabis insurance industry can leave insureds open to a wide array of potential issues that may present in this turbulent legal climate.

Here are some key reasons why product liability coverage is particularly important for cannabis dispensaries:

1. A Cannabis Dispensary’s Products are its Business

Cannabis dispensaries sell products that patients and customers take home to use. That means most of the issues for which a dispensary could be liable are related to the product and occur away from the business.

2. Dispensaries Can Be Liable for Products Under Their Control

Some dispensary owners think that if there is an issue with the product causing injury to a user, the liability falls with the grower or product manufacturer. The reality, however, is that like any retailer of products that are consumed through eating, drinking, vaping, or smoking, changes may occur while the products are under the retailer’s control. They may be contaminated by handling, or bacteria, mold, or fungus may grow if the products are not stored properly.

3. Dispensaries are the Main Point of Contact for Customers

If a customer is harmed by the product and decides to sue, the dispensary that sold the product is the first and most obvious place they usually come after. This is because the products dispensaries sell are not typically well-recognized brands.

4. Product Testing Can Impact Liability

Many growers test their products for insecticides, herbicides, fungicides, bacteria, and traces of metal and other substances that can be harmful if ingested, but some do not. And, this testing may not matter if proper chain of custody is not maintained. This is why many dispensaries independently test products they obtain from growers and manufacturers. This may help in defending against a liability claim, but it will not matter to a customer who has been harmed by the product, and the cannabis dispensary may still have a claim brought against it.

5. Product Labeling and Advice from Employees Impacts Product Liability

Sometimes products are mislabeled, either by the cultivator, processor, or distributor. In other cases, an employee could be advising a customer improperly and sell them a product that causes an adverse reaction. This can occur due to the marijuana itself, or other ingredients combined with the marijuana, such as ingredients in an edible that cause an allergic reaction.

6. Vertically Integrated Businesses Have Increased Liability

Many dispensaries make their own edibles or oils, and even grow their own strains. When a business is vertically integrated in this way, they are responsible for the product at every stage of the process, from seed to sale. While this provides the dispensary with more control over its products, it also increases the product liability for the business.

7. Product Liability Insurance Lets Dispensaries Focus on Growing Their Business

The biggest advantage of product liability insurance for the cannabis industry is the same as any other – peace of mind. Dispensaries need to be able to focus on their core business, which is why it pays to have product liability insurance in case a patient or customer is harmed by the products they sell. When a dispensary’s products are covered, the insurer handles the claim, either settling or paying the legal fees to defend against it. The carrier brings expertise in how to address the claim, which lawyers to engage, and takes the burden off of the dispensary to manage the claim experience, leaving the business with one less thing to worry about.

Not all cannabis product liability coverage is the same and it is important to obtain quality coverage that properly addresses the exposures dispensaries face. 

Contact one of your trusted HPSI Producers if you have a client that needs a quote today!

Do You Have Clients Looking For Coverage For Their Rotation? Interns? Externs? Residents? Medical Students?

We Have a Carrier That Will Consider ANY Hands-On In ANY Capacity Outside the Scope


  • 1M/3M limits
  • $0 deductible
  • 12-month ERP “included”
  •  Short-term policy / three-four week rotations
  • 100% minimum earned premium – no exceptions
  • Facility Limits Warranty and/or Supervising Physician Limits Warranty



  • $750 premium plus taxes & fees – for Observation Only Medical Students
  • Exceptions – rotations taking place in:
    • FL – Broward, Dade, Palm Beach, Counties – $1,000 @ 250K/750K limits
    • MI – Macomb, Oakland, Wayne Counties – $1,000 @200K / 600K limits
    • IL – Cook County – $1,000 @ 1M/3M limits
    • NV – Clark County – $1,000 @ 1M/3M limits

Prohibited Risks

  • Rotations taking place in NY, WV and PA
  • Any hands-on exposure – my still be considered but terms/rates may vary from those noted above



Research indicates that a majority of physicians may be suffering from burnout and that burnout is nearly twice as prevalent among physicians as among other workers in the United States.

NORCAL Group has created a Professional Wellness site  that offers practical strategies for managing stress and preventing clinician burnout.

It provides information, resources, and innovative strategies to help healthcare professionals create meaningful change and improvement across a variety of  work-life stressors impacting the wellness of healthcare professionals.

New Cyber Data Policy

Are You Covered?

There is a new cyber insurance product that has launched, where businesses will now benefit from business interruption cover that is triggered by IT systems failure, as well as malicious cyber events. The updated policy also provides full supply chain business interruption cover, extending to events that impact the insured’s systems and the systems of their technology suppliers, as well as those of non-technology suppliers, where named. Our carrier is the only cyber insurance provider to offer this cover with unlimited reinstatements as standard.

Cyber insurance is about much more than a data breach. The costs associated with system failure or downtime following a cyber attack – like ransomware – can be hugely detrimental to a business and shouldn’t be overlooked when purchasing a cyber insurance policy.

The cyber insurance offering we now have available for our clients adds affirmative crime cover for a new type of cyber attack on the rise, cryptojacking. Cryptojacking is when the hacker hijacks the processing power of a victim’s computer network in order to mine cryptocurrency for their own benefit, leaving the victim to foot the bill for the increased use of bandwidth. With this new Cyber Policy, affirmative cover is also added for the replacement of hardware.

With nearly 20 years’ experience in cyber insurance, our carrier was one of the first companies to offer cyber insurance and has the largest dedicated cyber underwriting and cyber claims teams in London. Their award-winning cyber insurance policies offer comprehensive cover for business interruption, cybercrime, network security and privacy liability, and are backed by an industry-leading in-house cyber incident response team. Over 40,000 businesses in more than 60 countries trust their cyber insurance products and incident response services and HPSI is pleased to present this new policy to you.

Cyber Insurance & the Value of Longer Indemnity Periods

When the first cyber insurance policies emerged in the late 1990’s, aimed at the first breed of dotcom companies, system business interruption was one of the primary drivers of these products. These were companies that had a reliance upon technology that had yet to become commonplace in the rest of the business world. They transacted business super quickly; their day-to-day operations were models of digital efficiency; and they were completely at the mercy of their systems’ performance.

Unfortunately, the dotcom boom soon turned to bust, and those first buyers of cyber insurance disappeared along with the products that they purchased. With the passage of the first breach notification laws in California, however, the cyber insurance market was reborn. The main focus of these policies was no longer system business interruption, but the cost of handling a data breach. Since then, the cyber landscape has been dominated by privacy risk, and only recently, has the issue of Cyber Crime come to rival it for attention in cyber wordings.

You may have seen on the news that Primark, a multinational clothing and accessories retailer, recently suffered from a major fire at their store in central Belfast, Northern Ireland. Since they are unable to use this building, they have suffered from a reduction in sales, amounting to $193,433, to date.Once they are able to use the building again, they won’t immediately start trading at the same level that they would have, had the fire not taken place. After all, they will need to restock the premises, reengage with their suppliers, and reattract customers who may have started shopping elsewhere. This is why their business interruption policy won’t stop paying out once the building has been rebuilt and is fit for use again. It will continue to pay until the business is operationally sound and has returned to the same financial position they would have been in had the fire not occurred (up to the maximum indemnity period).

To put this into a cyber context, business interruption cover should protect you not only for the period that your computer systems are down, but until your business has returned to the financial position that you would have enjoyed if the system outage hadn’t occurred. What defines the indemnity period is still a huge area of inconsistency amongst cyber polices, especially in those territories where the cyber insurance market is less mature.

Indemnity periods on cyber policies typically work in one of three ways:

  1.  The policy will reimburse the loss only for the time that systems are down and not actually functioning. As soon as the systems are up and running again as normal, the policy stops responding and no more money is payable to the insured.
  2.  The policy will reimburse the loss for the time that systems are down, as well as continuing to provide cover after the systems have been restored to their normal functionality for an arbitrary number of days.
  3.  The policy will reimburse all losses (including those incurred once systems are up and running again) that fall within the indemnity period, up until the point that the insured has returned to the same financial position that they would have enjoyed had the system outage not occurred.


Consider the example of an online retailer. They are hit by a distributed denial of service (DDoS) attack, whereby cyber criminals use multiple computers under their control to flood the website, resulting in the website crashing and rendering it inaccessible to normal internet users. As the business is an online retailer, the website is their only way of selling their products. So as soon as the website is down, they start seeing an immediate and dramatic drop off in revenue. In this case, the DDoS attack manages to take down the company’s website for a total of 16 hours. Following this event, the company turns to their cyber insurer for the reimbursement of financial loss during this period.

Depending on the type of cyber policy that the business has purchased, the policy will generally respond in one of two ways:

Loss in excess of the time retention period: The policy will be triggered once the system has been down for a set number of hours (typically this is eight hours on a cyber policy), but the policy will only pay from that point onwards. So if the set number of hours for the waiting period is eight hours and the website was down for 16 hours, the losses incurred during the first eight hours that the website was down would not be covered.

Loss within the time retention period: The policy will be triggered once the system has been down for a set number of hours, but in this case the policy pays from the initial starting point of the outage. So if the set number of hours for the time retention is eight hours and the website was down for 16 hours, the policy would pay for the whole 16 hours’ worth of lost income and additional expenses.

This is an important distinction. With the first option outlined above, the first eight hours’ worth of financial loss are not covered. With the second option, the business is looking at an additional eight hours’ worth of financial loss being recoverable under the policy. This could make a big financial difference to the organization.

Therefore, making sure that your cyber policy covers the entirety of the loss after the time retention has been exhausted is extremely important. Unfortunately this is not always apparent in the policy wording, so it’s always worth checking with the insurance provider in question as to how this particular part of their policy works in practice.

HPSI Is Now A Wholesale Broker For ISMIE

Established over 40 years ago, ISMIE has committed themselves to helping Health Care Professionals practice without the fear and constraints of Medical Liability Litigation

ISMIE provides the ensuring protection, defense and support that physicians want and today’s environment demands. ISMIE has earned a nationwide reputation as an innovator in professional liability coverage, throughout the national audience that they serve. Their broad product offering  ensures that the needs of policyholders are always met. Built by and for health care professionals, ISMIE continues to implement a team-based approach to the defense of claims, giving policyholders confidence and comfort at every step of the process. Read about them below and then call us to discuss the selling strength and security of ISMIE.


At A Glance:

  • Rated A- (Excellent) by A. M. Best.
  • Authorized to do business in multiple states and growing rapidly
  • Provides both Claims Made and Occurrence policies.
  • Flexibility in both coverage and limits for customized, enhanced protection.
  • Policy options include:
    • Cyber liability coverage $500K/entity  $100K/physician
    • Regulatory actions protection
  • Per patient rated policies are available.
  • Shared limits are available.
  • Premium discounts are available.
  • Proven record of 40 years of claims management success.
  • Risk management and CME offerings, both online and home study programs, are available.


Program Highlights:

ISMIE Mutual has dominated the Illinois market since the mid-1970’s. ISMIE is policy-holder owned and focused on products and services that meet the changing needs of physicians and healthcare professionals across all practice settings. ISMIE serves the needs of policyholders, not shareholders.

  • Licensed and admitted in 11 states, which include Georgia, Illinois, Indiana, Iowa, Kansas, Kentucky, Michigan, Missouri,  Ohio and Pennsylvania and the District of Columbia.
  • A- Excellent AM Best Rating.
  • Product Features.
  • Customized Coverage.
  • Absolute Insured Right to Defend.
  • Automatic Cyber Coverage.
  • $500k/entity $100k/ physician.
  • Defendant Reimbursement.
  • Medicare Investigation Reimbursement.
  • Licensing Agency Proceeding Reimbursement.
  • Broad Scope Prior Acts Coverage.


ISMIE Indemnity, is an excess and surplus lines carrier, that is a wholly-owned subsidiary of ISMIE Mutual.

ISMIE Indemnity specializes in professional liability, as well as other coverage, for miscellaneous Healthcare Facilities, Healthcare Staffing and Locum Tenens Agencies, Community Hospitals, Physicians, Physician Groups and other Healthcare Risks

  • Authorized in all 50 states, plus Washington D.C. and the U.S. Virgin Islands.
  • A- Excellent AM Best Rating.
  • Target Classes:
  • Healthcare Staffing Agencies
  • Locum Tenens Physicians
  • Miscellaneous Healthcare Facilities
  • Community Hospitals
  • Physician Groups
  • Standalone Tail



ISMIE has proven the following Fast Facts:

Relentless defense of claims with proven litigation strategies tailored for each litigated case where the analyst, policyholder and defense counsel are equal partners in the handling of the claim.

Sustained courthouse results with an 87$ defense verdict average over the past 10 years, and over 90% the past 3 years.

Established one of the most prolific defense bars in the U.S. for defending medical liability claims.

Policyholders can select their attorney of choice from the panel.

Unprecedented industry leading Physician Review Committee (PRC).

PRC Panel Comprised of 24 actively practicing physicians with all varying specialties who have been  sued in their career.

86.0% of ” defended” claims closed without indemnity over the last 10 years.

Even when a decision is to settle, claims close without indemnity over a third of the time (33.8% over last ten years).

Medical Billing Errors Are On The Rise

Does Your Carrier Offer Medical Billing Coverage?

Not Many Carriers Can Offer You Coverage For Medical Billing.

We Have A New Market That Can AND Will Consider Accounts That Have Had Issues In The Past.


Healthcare Providers and Facilities that can be considered include:

Chiropractors, Dentists, Podiatrists, Medical Directors, Nurse Practitioners, Physicians and Most Healthcare Facilities

Since the formation of the False Claims Act (FCA) allegations of healthcare fraud and abuse have consistently grabbed the headlines. In 2017 alone, The U.S. Department of Health and Human Services (HHS) made approximately $90 billion in improper payments to Medicaid and Medicare programs.

For healthcare providers, navigating this challenging, and oftentimes confusing, set of reimbursement guidelines has commonly led to the rise of billing errors in excess of 30 percent. From Telehealth services conducted at non-rural originating sites, to the widespread distribution of medically unnecessary drugs, including opioids, the allegations of healthcare fraud and abuse by government entities and private payers are more prevalent and diverse than ever before.


Anyone with a national provider identification number is susceptible to a physical or electronic data mining audit. Allegations of improper billings can range from a lack of medical necessity, to incorrect coding, and even insufficient documentation. Our carrier’s policy provides defense in respect of these allegations utilizing reputable and experienced claims managers.


Appeals against violations can be a long and costly process, often stretching over two years if they reach a Federal Court. Our carrier’s policy provides coverage for the expenses arising out of an independent audit on your billing practices following allegations of fraud by a government entity or private payer.


Our carrier offers reimbursement for fines and penalties arising out of a range of medical regulatory violations, including HIPAA-related fines and penalties, Stark law (triggered by physician referrals), EMTALA (ensuring public access to emergency services regardless of ability to pay) and Federal False Claims and Social Security Acts.


These insuring clauses have been tailored to address healthcare companies’ specific cyber exposures. They include specific references to HIPAA and HiTECH legislation, and they offer a separate section for extortion to address the growing threat of ransomware, as well as incident response service with a NIL deductible.


Maximum limit————————- $5,000,000

Minimum Deductible ——————Nil

Minimum premium——————–$1,500


  • Dialysis Centers
  • Drug and Alcohol Rehabilitation Centers
  • Emergency and Non-Emergency Ambulance Services
  • Hospitals
  • Long Term Care Facilities
  • Medical Imaging Clinics
  • Medical Testing Labs
  • Occupational, Speech and Physical Therapy Clinics
  • Pain Management Clinics
  • Physician Groups
  • Pharmacies (including those offering compounding and opioid prescriptions)
  • Telemedicine Providers
  • Solo Physicians
  • Urgent Care Clinics



  • Defense costs for actual or alleged billing errors.
  • Professional fees to conduct an audit of billing records.
  • Payment for regulatory fines and penalties (HIPAA, EMTALA, Stark proceedings).
  • Cyber and privacy coverage tailored to healthcare companies.



  • Defense of license proceedings.
  • Blanket additional insured coverage.

New Chubb Alert!

HPSI is proud to offer access to Chubb’s Business Owner’s Policies and/or Workers Comp Products designed specifically for small businesses.

Paperless PDF quote proposals and policies are generated instantly.

Receive a quote in minutes!


Chubb BOP helps protect small business owners with up to $30M in revenue, in more than 500 business classes across the following industries:

  • Artisan Contractors
  • Clubs and Associations
  • Cultural Institutions
  • Financial Services
  • Healthcare
  • Real Estate
  • Retail Stores
  • Services Businesses
  • Technology
  • Wholesale Businesses

Optional Enhancements:

  • Property Enhancements Including A Unique Automatic Blanket Limit of Insurance Concept That Ties Together Valuable Property Coverages
  • Liability Enhancements Including Broad Named Insured and Blanket Additional Insureds
  • Privacy and Data Breach
  • Animal Bailee Coverage
  • Earthquake (In Selected States)
  • Employment Practices Liability
  • Foreign Liability Including Kidnap and Ransom
  • Electronic Data Liability
  • Water Back-up and Sump Overflow
  • Professional Liability Insurance For Dental labs, Optical Establishments, and Oral Surgeons
  • Crime, Including Forgery and Alteration, Money and Securities, and Employee Dishonesty

Total Account Solution:

Building a portfolio with Chubb means broad, state-of-the-art insurance protection all in one place. Add supporting insurance products to a Chubb BOP policy for the complete insurance solution that meets your clients needs.

  • Umbrella: Umbrella insurance from Chubb provides an additional layer of coverage over existing liability policies, offering small businesses even more insurance protection.
  • Worker’s Compensation: Chubb’s workers’ compensation policy provides small businesses an insurance solution with broad coverage, as well as Chubb’s exceptional policy and claims service.
  • Commercial Auto: Chubb’s commercial auto policy includes personal injury protection, uninsured and under insured motorist coverage limits up to $1M, as well as endorsements that include additional coverages.
  • Management and Professional Liability: Chubb’s ForeFront Portfolio suite provides additional management and professional liability insurance including employment practices, crime, and cyber liability.
  • Cyber Enterprise Risk Management (ERM)/Digitech ERM: Using a three-prong approach, Cyber ERM and DigiTech ERM incorporate risk transfer, loss mitigation services, and post-incident services to help protect against your client’s cyber risks.
  • Foreign Package: As your client’s business spans national borders, their coverage must expand, too. Chubb SCI’s foreign package policy is a mutliline coverage that protects more than inventory and intel; it protects your client’s greatest assets: it’s people.
  • General Liability

Alarming Cyber Stats!


More than 95% of cyber claims are for first party losses only and they fall into three broad categories:


This is straight forward theft of money from a company’s bank account. The fact that nearly every business can now move its money around electronically and remotely means that it is much easier to steal. Criminals no longer target physical banks – they target online accounts. And if a business has somehow been negligent in allowing this to happen, the bank will not reimburse them.


Data is valuable, and if something has value, it is worth stealing. Identity theft has reached record levels around the world and in order to commit identity theft, criminals need data. Seemingly innocuous information such as names and addresses stored on a computer network can be worth more money than you think.


In order to operate, businesses now have an incredibly high dependency on their systems, and criminals know that. By either damaging or threatening to damage a firm’s digital assets, attackers know that they can extort money from their victims who might prefer to pay a ransom rather than see their business grind to a halt. And even after paying up, the victim is often left with systems that are unusable and costly to fix.

In some cases, there may be no financial incentive for the attacker at all. In the same way that criminal damage to property doesn’t always have a financial incentive, damage to digital assets doesn’t need to either.

Claims for theft of funds are actually very easy and quick to quantify, but for theft of data claims, the financial impact can vary depending on the nature of the data compromised and how much of it was stolen.

The costliest part of a cyber event is often responding to the incident. For example, if an attack has managed to compromise a company’s computer network, then IT specialists are going to be needed to stop the attack, protect against further immediate threats, and work out what has been stolen.

There is then a financial cost associated with limiting reputational damage, notifying clients or customers whose data has been stolen, and offering them identity theft protection solutions if necessary.

Damage to digital assets claims can be easy to determine especially if there is an extortion demand which the victim has paid (the amount of the claim is the cost of the ransom) but more difficult if we’re talking about the cost of using IT specialists to rebuild systems or data – which might only be calculated after the work is completed.
The key point underpinning each of these types of claim is that there is a direct financial loss to the victim’s business which can be transferred with a cyber insurance policy.



It is worth noting that while this is one of the biggest issues facing business today, not every cyber policy includes cover for theft of funds and those that do can vary in how broad the cover offered is. Please contact us if you are interested in receiving a brochure with more information about how Cyber risk has evolved, first party risks, types of Cyber claims and more about Cyber crime.