Insurance for mental health group practices and their clinicians.
Redoubt helps therapy, counseling, and behavioral-health groups coordinate entity malpractice, clinician coverage, prior acts, supervision, telehealth, patient data, workforce obligations, and office insurance as the roster, locations, states, and services change.
Sources reviewed July 17, 2026
- Legal entity, DBAs, owners, locations, and credentials
- Clinician roster, status, license, state, service, and dates
- Entity and individual policies with retroactive dates
- Telehealth, vendors, patient data, workforce, and office
- Payer, platform, facility, lease, renewal, or incident deadline
Coordinate the entity, clinicians, services, and dates
This page is for a practice that employs, contracts with, supervises, or bills for multiple clinicians. One entity certificate does not prove every person, service, state, prior act, location, or policy relationship is covered.
Use this page for
- A solo entity adding the first clinician
- A therapy or counseling group hiring or contracting clinicians
- A practice adding associates, interns, trainees, or supervision
- A group opening locations or adding telehealth states and services
- A practice coordinating entity and individual claims-made coverage
A different buying task
- —A solo clinician whose only question is personal or employer malpractice coverage
- —A hospital, inpatient, residential, detox, IOP, medication-management, or physician practice treated as ordinary outpatient therapy
- —A full HIPAA, Part 2, licensing, payer, or employment-compliance program
- —A promise that every employee, contractor, intern, or service fits one form
Solo and employer-versus-personal questions have a separate guide
If the practice has no other clinicians, start with the therapist and counselor page for personal malpractice, employer coverage, side practice, solo entity, credentialing, telehealth, and office questions. Return here when the entity employs, contracts with, supervises, or bills for other clinicians.
Open the therapist and counselor malpractice guideStart with the event that created the insurance need
A written requirement, business change, renewal, complaint, or possible claim can produce a different submission. Identify the event before guessing at a policy or limit.
| Trigger | What to review |
|---|---|
| Forming or credentialing the entity | Match legal and trade names, ownership, locations, organization identifiers, payer contracts, services, owners, clinicians, and launch dates. |
| Adding or removing a clinician | Review status, license, state, services, supervision, start or end date, roster reporting, personal policy, prior acts, and old-work responsibility. |
| Associate, intern, trainee, or supervisor | Confirm credential and scope, supervisor, documentation, billing, patient population, policy eligibility, board rules, and explicit coverage. |
| New location, state, or telehealth | Update provider and patient states, authority, policy territory, office/lease, vendors, records, emergency plan, property, and GL. |
| New service or higher-acuity program | Disclose assessment, testing, groups, SUD, medication, IOP, residential, transportation, after-hours, and other specialized operations. |
| Renewal, complaint, breach, or employment issue | Preserve notices, reconcile every policy and roster, disclose requested claims or circumstances, and address cyber, workers-comp, or EPLI facts. |
Every person, service, state, and date needs a defined place
Use a roster that can be reconciled against entity and individual policies. Do not include patient information in the insurance intake.
| Practice component | Questions that change the review |
|---|---|
| Practice entity | Exact legal name, Utah registration, DBAs, ownership, prior entities, acquisitions, credentialing, and organization NPI |
| Owners and directors | Licenses, clinical services, administrative duties, ownership, personal policies, and retroactive dates |
| Employed clinicians | License and state, services, hours or visits, supervision, start or end date, entity status, and individual coverage |
| Contract clinicians | Contracting entity, actual relationship, license, services, separate insurance, limits, retroactive date, evidence, and indemnity |
| Associates and trainees | Credential, permitted scope, supervisor, setting, documentation, billing, patient population, and form eligibility |
| Former clinicians | End date, old work, reporting access, roster notice, tail or prior acts, records, complaints, and entity responsibility |
| Administrative staff and vendors | Records and funds access, billing, scheduling, EHR, cloud, telehealth, answering, collections, and business-associate role where applicable |
Shared entity limits and personal policies must be reconciled
The best structure depends on insured definitions, roster process, services, states, credentialing, limits, prior acts, reporting control, and the relationship between forms.
| Structure | Questions to answer | Misunderstanding to correct |
|---|---|---|
| Entity policy with clinicians | Who qualifies, when roster notice is required, which services and states are accepted, and whether limits are shared | A certificate in the entity name does not prove every clinician or service is included. |
| Separate clinician policies | Does each policy include the right entity relationship, required limit, professional services, and retroactive date? | Personal policies do not automatically protect the group entity for its own liability. |
| Entity plus individual policies | How do defense, notice, other insurance, deductibles, and limits coordinate? | Two policies do not automatically create two collectible limits. |
| Contract clinician evidence | What must be carried, maintained, reported, and monitored, and how do duties flow down? | A 1099 and COI do not settle worker status or the entity's liability. |
| Clinician onboarding | What old work, retroactive date, claims, board matters, states, services, and personal policy must be reviewed? | Adding a name after work begins may not backdate protection. |
| Clinician offboarding | When is roster notice due, who reports old matters, and who owns tail, records, and complaints? | Removing a clinician operationally does not erase prior work. |
Match the allegation or event to the policy review
Entity and clinician malpractice should be reviewed beside cyber/privacy, GL/BOP, property and business income, workers compensation, EPLI, crime, and explicit abuse or sexual-misconduct provisions. Each responds to different people, duties, allegations, and events.
| Scenario | Coverage or feature to review | Why the label is not enough |
|---|---|---|
| Alleged clinical error by a clinician or entity | Entity and individual malpractice | Insured status, service, supervision, state, prior acts, limits, and allegations control. |
| Licensing complaint, subpoena, or peer-review matter | Board, disciplinary, or subpoena feature | Individual and entity features, triggers, counsel, and sublimits differ. |
| Patient data breach, ransomware, or vendor incident | Cyber/privacy, breach response, and crime | Insurance is not HIPAA or Part 2 compliance. |
| Visitor injury or office loss | General liability, property/BOP, and business income | Premises, professional-services, abuse, and other exclusions must be reviewed. |
| Employee injury or workplace allegation | Workers compensation and EPLI | Worker relationship, payroll, ownership, policies, and Utah requirements matter. |
| Abuse or sexual-misconduct allegation | Explicit abuse/molestation or sexual-misconduct provisions and safeguarding controls | Never assume malpractice or GL includes the allegation, people, or limit. |
Specialized or higher-acuity work needs an explicit stop point
Disclose client ages and populations, assessment and testing, supervision, groups, crisis or court-involved work, home or school visits, medication management, substance-use services, IOP or residential programs, transportation, after-hours response, and every location. Medication, SUD, IOP, residential, and physician or APP work should trigger specialized underwriting.
Use conditional language and map the actual data role
Determine whether the organization is a HIPAA covered entity or business associate, identify vendors handling electronic protected health information, maintain the required risk analysis and agreements where applicable, and map breach response. Assess 42 CFR Part 2 only for qualifying programs, records, and roles. Insurance does not create compliance.
A 1099 is not the end of the worker analysis
Ask who controls scheduling, rates, systems, records, billing, supervision, location, and method; whether the clinician has a separate entity and independent business; and who carries insurance. Utah employers generally need workers-comp coverage subject to current law and limited exceptions. An owner waiver is not a blanket exemption for a group.
Review abuse or misconduct coverage by name
Ask about client populations, background checks, supervision, physical and digital contact, transportation, home visits, incident and mandatory-reporting procedures, complaint handling, policy wording, limits, and exclusions. Do not imply that malpractice or general liability silently includes every allegation.
Roster changes can create prior-acts and reporting gaps
Before a clinician joins or leaves, reconcile old and new policies, retroactive dates, entity relationships, known matters, other-insurance provisions, roster deadlines, reporting access, and tail or prior-acts responsibility. Preserve a dated insurance roster rather than relying on payroll or credentialing systems alone.
Retroactive date
How far back eligible professional services may reach, subject to the form.
Prior acts
Whether earlier work is accepted when a policy starts or changes.
Reporting
When a claim or circumstance must be reported under the policy.
Replacement or tail
How continuity or an extended reporting period is addressed when coverage ends.
Prepare the facts that change underwriting
- Legal entity, DBAs, owners, locations, prior entities, acquisitions, credentialing, and organization NPI
- Clinician roster with credential, state, employee or contractor status, start or end date, services, supervisor, and personal policy—no patient data
- Services, populations, settings, telehealth states, visits, revenue, and specialized programs
- Payer, platform, facility, school, lease, or other written requirements
- Current entity and individual declarations, retroactive dates, roster process, and loss runs
- Claims, complaints, board matters, subpoenas, incidents, departures, and known circumstances requested by applications
- EHR, cloud, telehealth, billing and other vendors, data flow, agreements, cyber controls, and incidents
- Payroll, worker relationships, employment practices, office property, and safeguarding controls
Why a national average is not a useful quote
Pricing and carrier appetite depend on the actual professional services, limits, people, contracts, controls, continuity, and loss history. Important factors include:
- Entity and clinician count
- Credentials, supervision, and trainees
- Services and client populations
- States, telehealth, visits, and revenue
- Prior acts, claims, and board history
- Limits, retention, and roster process
- Cyber, office, and employment controls
- Program acuity and safeguarding
Verify the rule or requirement at its source
Licensing, contract, compliance, and insurance requirements are different. These sources support the dated context on this page; the current agency instructions, written agreement, application, and policy still control.
CMS NPI fact sheet
Individual Type 1 and organization Type 2 identifier distinction; an NPI does not create coverage.
HIPAA covered entities and business associates
Covered-status and role distinction.
HHS business-associate agreement provisions
Vendor and business-associate contract context.
HHS cloud computing guidance
Cloud provider, business-associate, and risk-analysis context.
HHS security risk analysis
Security-program context where HIPAA applies.
HHS breach notification
Incident-response and notice context.
HHS 42 CFR Part 2
Current Part 2 rule and scope source; do not generalize it to every practice.
Behavioral-health telehealth licensure
Provider and patient location and legal-authority distinction.
Utah DWS worker relationship
Utah employee and independent-contractor factors.
Utah employer workers-comp guide
Current Utah employer coverage and exception context.
Utah workers-comp coverage waivers
Owner and no-employee waiver route without generalizing it to groups.
Build a useful insurance submission
Answer the operating questions, then send the requirement through a secure continuation path. Do not place patient, client, consumer, account, claim, or other sensitive records in an ordinary marketing message.
How is the practice organized?
Mental Health Group Practice Insurance questions
Does a mental health group practice need its own malpractice policy?+
The entity can face its own allegations and may not be protected by clinicians' personal policies. Review the entity, roster, services, contracts, locations, states, and individual-policy coordination.
Does each therapist still need an individual policy?+
There is no universal structure. Personal portability, credentialing, board defense, shared limits, contract terms, services, and the entity form shape the decision.
Does a clinician's personal policy cover the group LLC?+
Not automatically. Confirm entity insured status, clinician relationship, covered services, other-insurance wording, and any required endorsement or schedule.
Are malpractice limits shared across the practice?+
Many entity programs use shared limits, but the declarations and form control. Review each claim and aggregate limits, entity and clinician treatment, defense erosion, and retention.
Are W-2 and 1099 clinicians covered the same way?+
Not automatically. Employment or tax labels are separate from policy eligibility. Disclose every relationship and review insured-person, roster, supervision, and reporting requirements.
Does a 1099 mean a clinician is legally an independent contractor?+
No. Utah and federal sources consider the actual relationship. Control, scheduling, systems, billing, supervision, entity, independent business, and other facts matter.
Are associates, interns, trainees, and supervisees covered?+
Only if their credential, scope, supervisor, services, and policy provisions permit it. Never infer coverage solely because a person appears on an internal roster.
What happens when a clinician joins or leaves the practice?+
Document start and end dates, old work, current and former policies, retroactive dates, known matters, roster notices, reporting access, other-insurance terms, and tail or prior-acts responsibility.
Does a Type 2 NPI create malpractice coverage for the entity?+
No. An NPI is an identifier. The policy must still name or include the entity and eligible people and services.
Can a group practice provide telehealth across state lines?+
Insurance does not grant permission. Confirm provider and patient locations, each clinician's legal authority, policy territory, vendors, records, and emergency procedures.
Is every group practice subject to HIPAA?+
Do not assume that. Covered status depends on the entity's activities and covered transactions; business-associate duties depend on the role and data flow.
Does cyber insurance make a practice HIPAA compliant?+
No. Insurance can address eligible incident costs and liability. Compliance requires current organizational safeguards, agreements, risk analysis, procedures, and legal duties where HIPAA applies.
Does 42 CFR Part 2 apply to every mental health group?+
No. It applies to qualifying Part 2 programs and covered records or roles. Use current HHS guidance and qualified compliance counsel for the actual practice.
Does a group practice need workers compensation in Utah?+
Utah employers generally must maintain workers-comp coverage, subject to current law and limited exceptions. Review owners, employees, contractors, payroll, entities, and any waiver facts.
Does malpractice or general liability cover abuse or molestation allegations?+
Never assume it does. Review explicit policy language, limits, exclusions, insured people, services, safeguarding controls, and reporting procedures.
Are medication management, SUD treatment, testing, IOP, or residential services covered?+
These are specialized operations that should be disclosed and may need different markets, forms, controls, or licenses. Do not rely on a standard therapy-group assumption.
What should I send Redoubt?+
Send entity names and current policies, a clinician roster without patient data, licenses, states, services, locations, telehealth, credentialing or lease terms, workforce and payroll, cyber controls, losses, and known matters.
Continue with the page that owns the next decision
These links separate individual and entity intent, specialized professional work, workforce questions, and vehicle use instead of treating every profession as one generic policy.
Therapist and counselor malpractice insurance
Use the individual route for employer, side-practice, solo-entity, personal malpractice, and credentialing questions.
Utah workers compensation
Review current Utah workforce and workers-comp questions for the practice.
Employees using personal vehicles
Review home visits and business use of clinician or staff vehicles.
Send the document before guessing at coverage.
Redoubt can review the requirement and identify the entities, people, professional services, dates, controls, and supporting policies needed for a useful submission.