Life SciencesLiability

Question

How does insurance work in a PC-MSO (friendly-PC) telehealth structure?

Short answer

In a PC-MSO structure the physician-owned professional corporation (PC) holds the clinical relationships and the medical-malpractice exposure, while the management-services organization (MSO) owns the technology, the platform, and the patient data. You insure each entity for what it actually does: telemedicine professional liability for the PC, and cyber plus technology E&O for the MSO. The load-bearing detail is the contractual layer between them - the PC and MSO should name each other as additional insured where appropriate so a claim that touches both does not fall into the gap between two separately-placed policies.

Why telehealth uses a PC-MSO structure

Many states apply the corporate practice of medicine doctrine, which holds that only licensed physicians (or physician-owned entities) may own a medical practice and employ clinicians. To operate legally while raising outside capital, telehealth companies commonly split into two entities: a physician-owned professional corporation (the PC) that holds the clinical relationships and employs or contracts the clinicians, and a management-services organization (the MSO) that owns the technology, brand, and business operations and provides administrative services to the PC under a management agreement.

This split is a legal and business structure, but it is also an insurance structure, because the two entities carry very different risks.

Which entity holds which exposure

The PC holds the clinical exposure. Its clinicians see patients and prescribe, so the PC needs telemedicine professional liability (medical malpractice) covering patient injury arising from that care.

The MSO holds the technology and data exposure. It owns the platform and the electronic health record and holds the protected health information, so the MSO needs cyber liability and technology errors and omissions. The MSO can also carry its own management liability and, depending on services, professional liability for the administrative services it provides.

Insuring the wrong entity, or assuming one policy covers both, is the most common structural mistake.

Rating the PC malpractice for a fluid network

The PC's clinician network is often fluid - doctors join and leave the platform frequently - so a professional liability program rated on a fixed roster of named physicians does not fit. The practical structure is an entity-level policy covering the PC's vicarious liability for the network, rated on projected patient volume or revenue rather than headcount. Underwriters still want to understand the credentialing and vetting process even when they are not rating on the roster.

The contractual layer between PC and MSO

Because a single incident can implicate both entities - a data breach at the MSO that harms patients of the PC, or a clinical event that also raises platform questions - the PC and MSO should be named as additional insured on each other's relevant policies, and the management-services agreement should address indemnity and insurance requirements between them. This is where a claim otherwise falls between two separately-placed policies. It is a program-architecture question, not a limits question, and it is worth resolving before launch.

Primary sources

Sources and references

This answer draws on the following regulatory, statutory, and standards-body sources. Coverage availability and program structure also depend on carrier appetite and underwriter discretion not captured by these sources.

Related practice areas

Insurance clauses in this area

Related questions

Have a more specific question?

A specialist will reach out by the end of the day.

Request a free coverage review

Free coverage review

A specialist will reach out by the end of the day.

Request the review

A specialist will reach out by the end of the day.