top of page

Insuring a New Medical Practice: It's Not Just Malpractice Coverage

  • 3 days ago
  • 9 min read

When a member of our online physician community is starting a new private practice, we often get questions about malpractice insurance coverage. While we have a guide to medical malpractice insurance and tail coverage, malpractice is only one line in a broader insurance stack new medical practice owners need to consider. Other commonly relevant lines include general liability, employment practices liability, cyber, workers' compensation, and a property/business-interruption policy. Each addresses a distinct exposure, and most are some combination of legally required, contractually required, or expensive to be without. These lines are typically much less expensive than malpractice. Below, we provide an overview of these insurance, as well as a business owner’s policy, which can help bundle some of these coverages into a single policy.


This page's content was provided by our partners at Docshield. Docshield provides fast, transparent medical malpractice insurance quotes from market-leading carriers. With just NPI numbers, Docshield pre-fills the majority of your application and shops across carriers — saving their customers over 20% on average. Whether you're shopping for a large group practice or a moonlighting policy, Docshield's licensed experts can help you find the right coverage without the hassle. Get started with our partnership link.


Disclosure/Disclaimer: This page contains information about our sponsors and/or affiliate links, which support us monetarily at no cost to you, and often provide you with perks, so we hope it's win-win. These should be viewed as introductions rather than formal recommendations. Our content is for generalized educational purposes. While we try to ensure it is accurate and updated, we cannot guarantee it. We are not formal financial, legal, or tax professionals and do not provide individualized advice specific to your situation. You should consult these as appropriate and/or do your own due diligence before making decisions based on this page. To learn more, visit our disclaimers and disclosures.


Six common insurance coverages needed for a new medical private practice


Medical malpractice: who (and what) needs to be insured? Individual vs. Entity Coverage


The coverage you needed as an employee still applies, but two new questions show up the day you become an owner: whether the policy needs to name the entity, and whether it extends to the people you employ.


The first question is entity coverage. Your professional corporation, LLC, or PLLC is its own legal "person." It can be named in a suit independently of you.


Related PSG resource:


A patient who alleges malpractice against "Dr. Smith and Smith Internal Medicine, PC" is naming two defendants. If the policy lists only Dr. Smith as the named insured and is silent on the entity, the entity is uninsured for that claim. When you're the sole owner of a solo practice and the policy isn't carrying vicarious liability for other providers, most carriers will name the entity at no additional premium when you ask. Once you have other clinicians (employed physicians, PAs, NPs) on the policy or under your supervision, the entity-coverage conversation is paired with the vicarious-liability question and may carry a premium adjustment. Either way, get this settled before you sign your lease; it's also typically required by hospital privileges and payer credentialing.


The second question is employed clinicians. If you bring on a PA, NP, or another physician as an employee, you have two options: extend your coverage to include them as insureds on your policy (some carriers do this routinely, some won't, all charge for it), or require them to carry their own policy and provide you a certificate of insurance.


In the latter case, you'll need to put vicarious liability on your policy for the providers carrying their own coverage, since their actions can still expose your entity. The math usually favors extending the policy when you're paying their salary anyway, but it's a real conversation with the carrier, not a check-the-box add-on.


Related PSG resource:



General liability insurance policy: what is it and why do I need it?


General liability (GL) covers the non-professional exposures that malpractice doesn't reach: third-party bodily injury, third-party property damage, and personal/advertising injury arising from non-clinical acts. The classic medical-office examples are routine: a patient falls in your waiting room and breaks a hip; a delivery driver trips over an unsecured rug; a sink overflows and damages a neighboring tenant's space. Each is a general liability claim, not a malpractice claim.


GL is most often packaged with property and business-interruption coverage as a Business Owner's Policy (BOP). The BOP bundles three conceptually separate lines that small commercial tenants almost always buy together, and bundling drops the price.


For a starting medical office of any size, a BOP is the default delivery mechanism for GL.

Cost framing: small. GL is consistently among the cheapest lines in the stack, typically a small fraction of your malpractice premium for a small office. The cost driver is square footage, foot traffic, and the limit you choose, not the complexity of your medicine.


The buying question: what does your lease require? Almost every commercial lease specifies a minimum GL limit and asks for a certificate of insurance naming the landlord as an additional insured before you take occupancy. Set your limit at or above the lease minimum; the framework for sizing limits across any line sits in our coverage-limits piece.



Employment practices liability coverage: when do I need EPL?


You need employment practices liability the day you hire your first employee, clinical or non-clinical. EPL (sometimes called EPLI) covers wrongful-termination, discrimination, harassment, and retaliation claims brought by employees, ex-employees, and applicants.


The reason it's expensive to skip: even a charge the EEOC ultimately dismisses without merit can generate five or six figures of defense costs by the time you've responded, produced documents, and sat for an interview. That defense cost is precisely what EPL covers; without the policy, it comes out of practice cash. The triggers are the routine moves of running a practice — hiring, firing, performance management, accommodation requests, applicant rejections — and small practices are typically more exposed because they don't have an HR department buffering owner decisions from the people on the other side of them.


The buying question: does the policy include third-party EPL? That's the endorsement covering discrimination or harassment claims by patients or vendors against your staff, in addition to the standard employee-against-employer claims. In a clinical setting where staff interact with patients all day, third-party EPL is worth a hard look.



Cyber liability: do I need a separate cyber insurance policy?


It's often highly recommended to get a standalone cyber policy in today's environment. Standalone coverage often provides materially better protection than the cyber endorsement or sublimit bolted onto a Business Owner's Policy or, increasingly, onto malpractice policies.


A modern cyber policy covers five things, each its own significant cost line in a real incident: 

  • Breach response (forensics, notification, credit monitoring)

  • Ransomware (extortion costs where legally permitted, plus restoring systems and data)

  • Regulatory penalties (HIPAA enforcement plus state attorney general actions)

  • Business interruption from a cyber event

  • Social-engineering and wire-transfer fraud (the version of cyber loss that doesn't involve a hacker breaking in: a bookkeeper wires funds to a fake invoice)


The reason standalone beats the endorsement: endorsement sublimits were designed when "cyber" meant a stolen laptop, and a real ransomware event in a healthcare setting can blow through them before the forensics work is even complete. Healthcare is a well-documented target — HHS Office for Civil Rights' Breach Portal publishes every reportable breach affecting 500+ individuals, and small practices are not too small to be hit.


The buying question: what are the sublimits, and what does the carrier require of you to keep coverage in force? Modern cyber policies include security-controls warranties (promises you make in the application about your controls), and failing to maintain a warrantied control can void coverage at claim time. Read the warranty section closely.



Workers' compensation: when is it required and what does it cover?


The answer is usually: the day you have employees, in nearly every state. Workers' compensation pays for employee work-related injury and illness (medical care, lost wages, disability) under a state-mandated framework.


A workers' comp policy has two parts:

  • Part A: workers' compensation pays the statutory benefits under your state's comp system.

  • Part B: employer's liability covers you if an employee sues outside the comp framework — for an injury comp didn't cover, or in a third-party-over claim where someone sues both the employee and you.


Part A is the state-required piece; Part B protects the practice from gap suits.


Cost is driven by payroll and class code. Medical office is a relatively low-risk class code, so a small practice typically pays a small fraction of payroll.


For a small practice, the easiest path to acquire workers' comp is often through your payroll software. Modern payroll providers like Rippling and Gusto offer integrated workers' comp policies that handle setup, billing, and audits in one place.


The buying question for a medical practice: are owners and partners required to be included, or can they opt out? Rules vary by state, including or excluding owners moves premium materially, and there's a separate underwriting question about whether owner-only coverage is even available. The clean answer comes from your broker working with the carrier on your specific state and entity structure.



What other types of insurance might be necessary for a new medical practice?


Below are additional lines of coverage worth considering:



Property and business interruption


This is usually bought together as part of the BOP alongside GL. Property covers the physical office and equipment inside it; business interruption replaces the income lost when a covered event makes the practice unworkable for a stretch of time. The most common reason a small practice fails to recover from a fire, flood, or extended outage isn't the cost of replacing equipment — it's months of lost revenue while the office is being rebuilt. Two questions to ask: how is BI calculated (gross earnings vs. actual loss sustained), and what's the waiting period before BI starts paying.



Commercial auto


If any vehicle is titled to the practice, you need a commercial auto policy; personal auto policies generally exclude vehicles used in business. Even if no vehicle is titled to the practice, a hired-and-non-owned auto endorsement on the BOP picks up the gap when an employee runs an errand for the practice in their own car. It's an inexpensive add-on that closes a real exposure.



Directors and officers (D&O)


D&O covers the people who serve on a board against claims arising from their decisions in that role. Most solo and small-group practices don't have a board in the formal sense, so D&O isn't on the early-stage list. Once you scale, take outside investment, or stand up a formal board or advisory committee, D&O becomes part of the conversation.



Umbrella / excess liability


An umbrella policy sits on top of GL, auto, and EPL (and sometimes other lines) and adds liability limits across all of them at once. It's the cheap way to take a $1M-per-line stack to $5M or more in aggregate, and for any practice with assets to protect, it's worth pricing out.


Related PSG resource:


Note that umbrella insurance does not typically sit on top of medical malpractice. That's a separate "excess malpractice" product with its own underwriting; the underlying mechanics are the same as your primary mal policy and follow the same form (claims-made or occurrence).



Considerations to discuss with an insurance broker when setting up a new medical practice


Here are a few key questions to take into a conversation with an insurance broker when you’re setting up your new private practice:


Four insurance coverage considerations when setting up a new medical practice

  • Which lines do I need before opening day? Malpractice insurance is often the first line needed in order to avoid running into credentialing and payer enrollment delays. Other lines should be mapped to a trigger: your lease (GL), your first employee (EPL, workers' comp), the day you flip on the EHR (cyber), the day you take occupancy (property/BI).

  • Can any of them be packaged? A BOP usually covers GL + property + BI cleanly. Cyber and EPL are typically standalone today. Malpractice insurance and workers' comp are almost always their own policies.

  • What does each contract or regulation require as a minimum? Lease, payer agreements, hospital credentialing, and state law each set floors. You're free to buy more, but not less.

  • Does an umbrella policy make sense for the price? Get the math from the broker. For most practices with meaningful assets, the answer is yes.


Related PSG resource:



Conclusion


Taken together, insurance coverages for your medical practice function less like a set of independent policies and more like an interlocking system that maps directly onto how a practice operates and grows. Malpractice remains foundational, but ownership introduces additional exposures tied to the entity, staffing decisions, the physical premises, data systems, and contractual obligations that each require separate but coordinated coverage. The key is aligning each policy with a clear operational trigger—leasing space, hiring employees, or going live with systems—so that coverage activates before exposure does. When structured this way, the insurance stack becomes a practical risk-management framework that supports clinical and business decisions rather than reacting to them after the fact.



Additional business insurance & practice resources for physicians


Shop policies with our partnered insurance brokers.


Sign up for our weekly PSG newsletter for alerts on new educational content, free webinars, and more.


Related PSG resources:



Sources


bottom of page