Listen to this post

This is the first in a series of articles addressing critical issues in risk management and insurance for skilled nursing facilities.

Owners and operators of skilled nursing facilities know that a claim or lawsuit against their facility is not a matter of if, but when. Procuring the proper insurance is critical to effectively managing and mitigating these risks. A professional liability insurance policy should provide coverage for the facility and its directors, administrators, and employees from claims of negligent care. 

Unfortunately, merely purchasing a professional liability policy without further scrutiny can leave a facility uninsured for certain claims. These policies incorporate exclusions and conditions that insurers could cite to attempt to limit coverage, particularly for claims that allege intentional injury to a patient resident. For example, an injured patient could allege that her injury was not the result of mere negligence, but instead resulted from retaliation by the facility or the facility’s employee in response to a prior complaint. These retaliation claims pose an increased risk to a facility and its insurance coverage, regardless of whether they are alleged as an intentional tort under a state’s common law or as a violation of a state’s anti-retaliation statute.

In states where retaliation is specifically barred by statute, state laws can create additional liability and damages exposure for claims brought by residents who file formal complaints or bring regulatory actions against nursing facilities alleging retaliation. Earlier this year, for example, the Illinois Legislature passed a new anti-retaliation statute for nursing facilities, House Bill 2474, that broadens the scope of anti-retaliation protections. The Illinois bill, which has passed both houses and been sent to the governor’s office for signature, does not require a formal complaint, but can be triggered by a resident taking more informal action, such as making a request to the facility related to the resident’s care. In addition to potential liability for consequential damages, Illinois HB 2474 also makes nursing facilities liable to the plaintiff for attorneys’ fees and additional damages “in an amount equal to the average monthly billing rate for Medicaid recipients in the facility.” The damage provisions of Illinois HB 2474 differentiate it from other broad anti-retaliation statutes. For example, Minnesota expanded its Patients’ Bill of Rights in 2020 to protect nursing facility residents from retaliation for a host of actions, including advocating “for necessary or improved care or services” (M.S.A. § 144.6512). However, Minnesota’s statute does not provide for a private cause of action for residents to sue the facility.  

Even if a state’s anti-retaliation statute does not specify additional damages or provide a private cause of action, retaliation claims brought as common law torts can nevertheless pose the risk of enhanced damages based on the facility’s perceived culpability – a risk not found in ordinary negligence actions.

Retaliation claims are a significant and thorny example of circumstances where allegations of negligent and intentional conduct can intertwine. Unless a statute identifies certain acts that constitute retaliation per se, the patient must necessarily prove an intent to retaliate – retaliation cannot be the result of mere negligence. But ordinary negligence and intentional retaliation could manifest in factually identical ways – with intent being the only distinguishing factor. For example, a resident allegedly injured in a fall while being helped out of bed by a facility employee could assert negligence. But if that same resident had complained to management about the quality of their care prior to the fall, the resident could also allege retaliation, asserting that they were allowed to fall in retaliation for the complaint. 

Insurers could seize on retaliation allegations to deny coverage under several exclusions, including exclusions for expected and intended conduct and for willful violations of laws or regulations.  Depending on the scope of the policy exclusions, insurers could assert that otherwise insured negligence claims are excluded retaliation claims.    

To maximize the potential coverage for claims of retaliation or other intentional conduct bolted on to ordinary negligence claims, insureds should understand that the expected and intended exclusion does not exclude claims that an insured acted intentionally; the insurer must also prove that the insured intended to cause the alleged harm. Unfortunately, a retaliation claim arguably alleges that intent to cause harm if the actions can be attributed to the insured entity or individual.

Insureds can take four steps to mitigate anticipated insurer defenses to coverage for retaliation claims: 

  1. First, insureds should seek language limiting the intentional conduct exclusion. The best limiting language would require a final adjudication of intentional conduct at trial (and after exhaustion of all appeals). Insurers could not invoke this exclusion in cases settled before trial.
  2. Second, insureds should confirm that any exclusions based on alleged willful statutory violations do not inadvertently encompass statutory retaliation claims.
  3. Third, because insurers may attempt to allocate liability among the negligence and retaliation claims to reduce their obligations for a settlement prior to trial, insureds should insist on favorable allocation provisions that do not leave the allocation to insurers’ discretion but instead require reasonable allocation based on an objective assessment of the claim.
  4. Finally, insureds should insist on policy provisions requiring the insurer to defend (or preferably pay the defense of) all asserted claims – including arguably excluded claims – as long as at least one claim potentially falls within coverage. 

These four steps will provide insureds with additional insurance protection against statutory retaliation claims by limiting the defenses that insurers could otherwise assert in response to these claims. And as always, policyholders should scrutinize their professional liability insurance policies during renewal to maximize the coverage available to them. Many coverage enhancements do not impact premium – but they do require insureds’ diligence and awareness of coverage quagmires before binding insurance, as this discussion of retaliation claims shows. 

Listen to this post

Introduction

Cryptocurrency isn’t just for tech startups and X (formerly Twitter) enthusiasts anymore. Mainstream corporations are increasingly forced to consider Bitcoin—the undisputed “king” of crypto—and other investments into digital assets whether they are on board or not. Some, like Tesla and MicroStrategy (now rebranded as “Strategy”), have already poured billions into Bitcoin. Others, like Microsoft and Amazon, have fielded recent shareholder pushes to invest, while companies like GameStop are proactively positioning themselves to invest in Bitcoin and other crypto-related assets through updated, crypto-friendly investment policies. And with regulators starting to soften—think legal shifts and the White House’s recent announcement of a U.S. strategic crypto reserve—justifying a “no” might get tougher.

But whether a company “hodls” (crypto slang for holding an asset long-term) or “folds,” there are insurance and liability risks either way.

  • Reject Bitcoin? Shareholders could claim you failed to act in their best interest, and your directors and officers (D&O) insurers might leave you hanging.
  • Invest in Bitcoin? A cyberattack could wipe out your digital assets, and your crime or cyber insurer may deny coverage.

As recent legal and corporate developments show, companies need to think beyond the investment decision itself and assess the insurance-related implications of their decision to invest (or not invest) in Bitcoin, as well.

The Risk of Saying No: Could Shareholders Sue for Missing Bitcoin Gains?

Most boardrooms don’t associate Bitcoin with D&O insurance, but recent events suggest they should. For example, in December 2023, gaming retailer GameStop approved a policy authorizing CEO Ryan Cohen and a small committee of other executives handle the company’s securities investments—including in digital assets like Bitcoin. In November 2024, the National Center for Public Policy Research (NCPPR) pressed Microsoft to assess if Bitcoin could benefit its $484 billion in assets, mostly tied up in bonds and securities that the NCPPR said “barely outpace inflation.” The proposal urged a study on whether diversifying with Bitcoin would best serve shareholders’ long-term interests, arguing boards might have a fiduciary duty to consider a Bitcoin investment despite its short-term volatility. While Microsoft ultimately rejected the proposal, the retail giant Amazon is now facing a similar push. In December 2024, Amazon shareholders proposed allocating 5% of the company’s assets to Bitcoin.  The proposal is awaiting a vote in April.

Historically, companies like Microsoft and Amazon could cite regulatory uncertainty as a reason to avoid Bitcoin. But with a friendlier U.S. regulatory stance taking shape—including the DOJ’s recent dismissals of their legal cases against crypto exchanges Coinbase and Gemini, increased political support for the industry, and the White House preparing to host its first-ever “Crypto Summit” later this month where it will announce the creation of a national strategic crypto reserve that will house billions of dollars worth of Bitcoin and other large-cap cryptocurrencies—Bitcoin’s legitimacy as a corporate asset could become an issue. As crypto regulation stabilizes, corporate boards may begin to encounter scrutiny over whether they are responsibly considering Bitcoin as an investment option.

This recent shift in corporate and regulatory sentiment towardsBitcoin raises an important question: If Bitcoin’s value rises and a company chooses to stay out, could shareholders claim the board failed in its fiduciary obligations, and, if so, would the company’s insurance program provide protection?

This risk isn’t hypothetical. Bitcoin has surged over 50% just in the past year.  And its decade-long haul has been nothing short of staggering, rising from around $200-$300 in 2015 to peaks over $100,000 earlier this year—a gain of as much as 30,000%-40,000%. Even NVIDIA, one of the best-performing stocks of the era, has returned an estimated 25,000%-30,000%, making it one of the only public assets to come close—yet Bitcoin still edges it out.

While there has not (yet) been any reported litigation challenging a company’s decision not to invest in Bitcoin or other crypto-related assets, shareholders may begin to argue that a company’s refusal to consider a Bitcoin investment improperly disregarded significant potential benefits and undermined shareholders’ best interests. And while the strengths or weaknesses of their case could be debated, these recent instances of shareholder activism over investments in Bitcoin indicate that a lawsuit could be brought. If it is, the company will almost certainly want insurance coverage to defend against such allegations.

So, could a D&O policy cover a shareholder lawsuit alleging the board mismanaged corporate assets by rejecting Bitcoin? Notably, there is no standard form from the Insurance Services Office (ISO) for D&O insurance policies, and many such policies are manuscript—meaning they’re specifically drafted or tailored for an individual insured. Thus, while most D&O policies follow a general structure, and typically provide coverage for shareholder lawsuits alleging breach of fiduciary duty, the policy language can vary significantly between insurers and even between individual policies. Some policies may exclude claims involving speculative investments or financial decisions, which could be relevant in a Bitcoin-related lawsuit. Others may expressly exclude cryptocurrency-related claims altogether. If your company is fielding Bitcoin-related shareholder proposals or considering investment policy shifts to more freely allow investments in digital assets, it may be time to closely review your D&O policy language to ensure proper coverage for digital-asset-related investment decisions.

The Risk of Saying Yes: If You Buy Bitcoin, Can You Insure It?

For companies that do invest, the next challenge is securing those assets—and that’s where things get tricky. Saying “yes” to Bitcoin might juice your balance sheet, but it’s a magnet for thieves and scammers—and your crime or cyber insurers might not have your back. Just last month, crypto exchange ByBit lost $1.5 billion worth of the cryptocurrency Ethereum to an alleged North Korean hack, proving that even “secure” cold wallets (offline storage mechanisms) aren’t immune.

Crypto exchanges aren’t the only targets—corporate treasuries holding crypto are in the crosshairs too, and the losses sting just as bad. In December 2024, Web3 firm Hooked Protocol lost $9 million when hackers exploited a smart contract vulnerability. And in 2021, meatpacking giant JBS paid an $11 million Bitcoin ransom to regain access to its systems after a cyberattack—not a theft of corporate-owned crypto, but a forced payout from company funds. As more non-crypto-native companies move Bitcoin onto their balance sheets—just recently, three U.S.-based biotech firms each publicly pledged to buy $1 million worth—bad actors will be taking note.

So, can your cyber or crime policy cover Bitcoin theft? Cyber insurance might handle hacks or ransomware, but crypto? Policies built for data breaches may exclude “digital assets” or “speculative investments,” potentially leaving stolen Bitcoin uncovered. Crime insurance is better suited—think employee theft or third-party fraud—but many still define “money” as cash or traditional securities, not digital assets like Bitcoin. Social engineering scams (e.g., a CFO tricked into sending Bitcoin to a scammer) might slip through, too, unless you’ve got an endorsement for that.

Custody is another critical factor. If you hold Bitcoin in-house (whether in “hot” or “cold” storage), coverage might apply if “cryptocurrency” is explicitly listed as covered property. Store it with a third party, like Coinbase? Look for coverage for custodial losses. Additionally, insurers often impose exclusions and limitations that could restrict coverage. For example, “voluntary parting” (e.g., sending crypto to a scammer, even if duped) or “unsecured systems” (e.g., failing to implement multi-factor authentication) can endanger coverage. Insurers also hate crypto’s volatility—some cap payouts at the theft-day value, not a later cycle high.

As more companies explore Bitcoin investments, it’s critical to review existing cyber and crime policies to determine whether digital assets are adequately covered. Specialty crypto insurance products are emerging—offered by providers like Evertasand Coincover—but they’re far from standard. For now, companies holding Bitcoin should assume there are gaps in coverage unless their policy explicitly says otherwise and should take action to protect their risks accordingly.

So, What’s the Play? Insurance Takeaways for Corporate Policyholders.

Bitcoin presents a double-edged risk—whether a company invests or not, there’s exposure on both the D&O and cyber/crime insurance fronts.

Here’s what policyholders should do:

  • If you’re rejecting Bitcoin: Review your D&O coverage to ensure it would respond to shareholder suits alleging mismanagement of investment strategy over digital assets, like Bitcoin.
  • If you’re investing in Bitcoin: Review your cyber and crime policies for coverage gaps—especially regarding digital asset theft, exchange insolvency, and fraud.

Bitcoin isn’t just an investment decision—it’s a liability and insurance minefield. Whether your company hodls or folds, the right coverage makes all the difference.

Listen to this post

This is the first in a series of discussions about insurance issues unique to the Lone Star State.

For nearly a century, the Stowers doctrine has been a critical cornerstone of Texas insurance law protecting insureds facing the threat of a nuclear verdict. This doctrine, named after the seminal 1929 case G.A. Stowers Furniture Co. v. American Indemnity Co., is both a powerful sword for plaintiffs – allowing them to recover damages exceeding the available insurance limits – and a shield for insureds – shifting the risk of an excess judgment to the insurer. But obtaining Stowers protection can be a challenge for defendants with multiple layers of coverage.

Under the Stowers doctrine, an insurer faced with a settlement offer within policy limits must accept the offer if “an ordinarily prudent insurer would do so” (G.A. Stowers Furniture Co., 15 S.W.2d 544, 547 (Tex. Comm’n App. 1929)). If the insurer rejects that offer, the insurer is liable to its insured for the resulting judgment – even if that judgment exceeds the insurance policy limits. Stowers liability is based on the premise that it is usually the insurer, not the insured, who has the power of the purse and therefore control over both settlement and defense of the case, as provided in a standard form commercial general liability policy.

In the common circumstance of a single insurer with a single policy, the risk of Stowers liability is clear. The insurer controls settlement discussions and bears the corresponding Stowers risk. For example, standard form ISO commercial auto policies (CA 00 01 11 20), CGL polices (CG 00 01 04 13), and cyber liability policies (CY 00 02 11 21) all cede control of both defense and settlement to the insurer. Any proper Stowers demands made within the policy limits of these policies raise the specter of excess exposure for the insurer. But what if there are multiple insurers, such as an umbrella or excess insurer? Under standard form ISO commercial umbrella (CU 00 01 04 13) and excess policies (CX 00 01 04 13), the insurer can only take control of defense and settlement once the underlying limits have been exhausted. The interplay between the duties of the primary and umbrella/excess insurers can put insureds at risk.

Let’s use a basic $3 million, three-layer insurance program as an example. Insurer A provides coverage for the insured’s first $1 million in liability, Insurer B covers the second $1 million under an umbrella policy, and Insurer C covers the final $1 million under an excess policy – for a total of $3 million in liability coverage. A wrongful death claimant sues the insured, alleging liability within the limits of all three policies, and makes a settlement demand against the insurers for $3 million. Are the three insurers in this hypothetical subject to Stowers liability?

The insurers may contend that Stowers does not apply if they do not agree on settlement strategy. The Stowers doctrine rests on the premise that an insurer confronted with a properly made Stowers demand controls the decision to settle, and accordingly should be held to account for an unreasonable refusal to do so. In the hypothetical above, the insurers may disagree on strategy and, as a result, contend that none of them controls the settlement. Insurers A and B may wish to accept the settlement offer, but both are powerless to accept the full $3 million demand unless Insurer C also agrees. Furthermore, Insurer C may argue that its policy is not implicated until Insurer A’s and Insurer B’s policy limits are exhausted by payment of judgment or settlement. Insurers will cite case law suggesting that Stowers liability does not attach in this scenario. See, e.g., AFTCO Enterprises, Inc. v. Acceptance Indem. Ins. Co. 321 S.W.3d 65 (Tex. App. 2010). But relieving all three insurers of their Stowers obligations would effectively eliminate the critical protection Stowers provides — leaving the insured exposed to a potentially nuclear verdict arising from the insurers’ collective refusal to settle. This outcome would be particularly perverse given that only relatively high-value claims implicate multiple layers of insurance.

Insureds can turn to a federal district court case, Pride Transp. v. Cont. Cas. Co., 804 F.Supp.2d 520 (N.D. Tex. 2011), as a solution. Pride provides a guidepost for how umbrella and excess insurers can still be held to their Stowers obligation if the lower insurers tender their policy limits to the excess insurers. Interestingly, Pride is the reverse of the prototypical Stowers case, as it involved the insurer arguing that its Stowers duties were triggered and the insured arguing that no Stowers duty existed. Pride involved an auto accident where the owner of the at-fault vehicle, Pride Transportation, was insured by a $1 million primary policy and a $4 million excess policy. The underlying plaintiff made a Stowers demand against Pride’s driver for $5 million – the combined limits of the primary and excess policies. Pride demanded that its primary insurer (Continental) tender its limits to its excess insurer (Lexington) – which Continental did. Lexington then settled the claims against Pride’s driver for the full $5 million limits of both insurance policies. After settling the claims against the driver, Lexington withdrew its defense of Pride, and Pride’s exposure was left uninsured. Pride sued Continental and Lexington for breach of contract, arguing in part that the insurers had no duty to accept the $5 million demand against Pride’s driver because the demand did not impose Stowers liability. Relying on AFTCO, Pride argued that there could be no Stowers liability where the demand exceeded each individual policy’s limits. The court rejected this argument, reasoning that, because Continental had tendered its limits to Lexington, Lexington could unilaterally accept the $5 million demand, triggering Lexington’s Stowers duty (804 F. Supp. 2d at 529-530). 

So, what are the practical implications for a Texas insured covered by a multi-layer insurance tower? Once a claim has been made, an insured faced with a Stowers demand that implicates multiple layers of its insurance tower should demand that the lower-tier insurers tender their limits to the highest insurer. The highest insurer, now in complete control of the settlement – and therefore now subject to Stowers liability – may find itself open to a settlement it previously rejected.

While the excess insurer may not be contractually bound to accept the tender of the lower-level policy limits, Stowers liability may attach even if the excess rejects the tender. As the Texas Supreme Court has noted, Stowers liability can arise from “the insurer’s control over settlement” – not just from the insurer’s formal duty to defend (Rocor Intern., Inc. v. National Union Fire Ins. Co. of Pittsburgh, PA, 77 S.W.3d 253, 263 (Tex. 2002)). Once the primary insurer tenders its limits to the excess insurer and cedes control of settlement negotiations to the excess insurer, the excess insurer would have the sole and unilateral ability to settle the case within its policy limits – which is the hallmark of Stowers liability – regardless of whether the excess insurer exercises that control. Furthermore, an excess insurer who refuses to exercise the settlement authority provided by the lower-level insurers could also be pursued by those same lower-level insurers (in addition to the insured) should an excess verdict result.

In sum, Texas policyholders faced with a Stowers demand should demand that their insurers tender the limits to the highest excess insurer in play and then demand that the excess insurer settle the case or face Stowers liability. Doing so will increase the possibility that the insurer – not the insured – bears the risk of an excess verdict.