Legal Notices and Privacy Policy

Updated January 1, 2023

Legal Notices

TDC Group is the common brand for The Doctors Company, an Interinsurance Exchange and its subsidiaries: Healthcare Risk Advisors and TDC Specialty Underwriters. TDC Group itself is not an independent corporate entity. Rather the foregoing entities utilize and share the common brand effectively as a single business. Unless separately identified herein, each of the entities that comprise the common brand are referred to collectively as “TDC Group” in this Privacy Policy.

TDC Group strives to ensure that information contained on our website is current, accurate, and reliable. Factors beyond TDC Group’s control, however, preclude us from any offer of any warranty or guarantee of any nature concerning the accuracy or reliability of any information contained on our website. TDC Group additionally assumes no responsibility for any linked content.

The TDC Group website is intended to serve as a resource to physicians and other persons interested in professional liability insurance and issues affecting the practice of medicine. Users of TDC Group website are warned that they rely on any information contained on the website at their own risk.

All policy provisions are subject to underwriting approval and may vary from state to state. Information on this website should not be construed as a coverage interpretation of the policy in whole or in part. Any actual coverage determination is subject to all of the terms and conditions of the actual policy, endorsements, application, and any actual claims.

By accessing the TDC Group website, you have directed your system to a computer located in the State of California. Any and all disputes arising from the content of the TDC Group website are to be governed exclusively by the laws of the State of California and jurisdiction shall be subject exclusively to courts located within Napa County, California.

Back to top

Privacy Policy

TDC Group recognizes the importance of respecting and maintaining the privacy of our applicants, clients, and others. In the course of providing clients and others with a wide array of services designed to fulfill their insurance needs, it is necessary for TDC Group to gather information. For clients and applicants, we rely almost exclusively on the applications and supporting material you give to us. As such, your personal information will now, or sometime in the future, be collected by, disclosed by, or transferred to TDC Group. Please read this Privacy Policy to understand what we do with personal information and your applicable rights. By accessing the site and using our services, you agree to terms and conditions of this Privacy Policy.

We must sometimes ask our clients and applicants for personal information protected by the Health Insurance Portability and Accountability Act of 1996 and the HITECH Act amendments of 2013 (HIPAA). Our applications, for example, ask for information regarding any claims made against you in the past, and our claims staff may need medical information to provide claims service. Our risk management/patient safety staff may also need medical information to assist you in minimizing risk and increasing patient safety. Some of this information may be covered by HIPAA. To address this, we may add a business associate agreement (BAA) to each of our policies or may enter into a separate BAA with you that confirms we will keep the protected information confidential as required by HIPAA. The BAA simply means that persons sharing protected information in the course of authorized business will do so in compliance with the requirements of HIPAA. This agreement does not change your insurance coverage.

Back to top

What Information Do We Collect?

Depending on your relationship with TDC Group, we may collect and process various types of your personal information (both “personal information” and “sensitive personal information” as defined by the California Consumer Privacy Act and the California Privacy Rights Act hereinafter “CCPA/CPRA”), most of which we get by asking you to provide it to us. The types of personal information we may collect include the following:

  • Contact information (such as name, email address, mailing address, and phone number).
  • Personal identifiers (such as your Social Security number, driver’s license/state ID number, passport number, National Provider ID [NPI], medical license number, policy number, claim information, and account number).
  • Financial information (such as credit/debit card number, bank account number, and credit score).
  • Employment/professional information (such as occupation, title, and work experience).
  • Demographic information (such as age, date of birth, gender, and ethnicity).
  • Health-related information (such as medical history).
  • Biometric information (such as fingerprints, voice recordings, and photographs/images).
  • Geo-location information (such as city/state, ZIP code, and physical location or movements).
  • Internet or other electronic/online network activity information (such as IP address, browsing history, search history, device type, operating system, and duration of session).
  • Inferences drawn from the above categories of personal information reflecting your preferences, characteristics, behaviors, attitudes, and abilities.

In addition to the above categories, you may provide us with additional pieces of information when you apply for coverage, report a claim, apply for a job, or create an account, update, or add information to your account.

Back to top

How Long We Keep Your Information

TDC Group may retain your Personal Information or Sensitive Personal Information while your policy or other accounts with TDC Group are in existence or as needed to provide you our services and for legitimate and essential business purposes, such as maintaining or enhancing the performance of TDC Group services, complying with our legal obligations, and resolving disputes. Because your Personal Information or Sensitive Personal Information may be collected in a variety of different manners and in different contexts, there is not a single retention period that applies to all categories of collected Personal Information or Sensitive Personal Information. TDC Group nevertheless does not intend to retain your Personal Information or Sensitive Personal Information for periods longer than is reasonably necessary for fulfill the purposes for which such information is collected. In general, TDC Group will retain your Personal Information or Sensitive Personal Information to the extent needed to comply with our legal, tax, audit and accounting obligations, which periods of time could extend for seven years or more. Thus, the criteria utilized by TDC Group with respect to the retention of your Personal Information or Sensitive Personal Information may involve an assessment of various state and federal laws and regulations, various Department of Insurance regulations and guidelines and may vary depending on the context, circumstances and purposes for which the information was collected.

Back to top

How Do We Collect Information?

TDC Group may collect your personal information from a variety of sources including:

  • You or your agent whether in an electronic or hard copy format;
  • Your employer(s);
  • Other insurance entities such as other insurers, reinsurers, brokers, and third-party administrators;
  • Claims adjusters;
  • Credit agencies;
  • Government and non-government databases of public information such as medical boards;
  • Claimants and their legal representatives;
  • Social media utilized by TDC Group including LinkedIn, Facebook, and Twitter;
  • Through automated technologies and online browser tools, including the use of cookies;
  • Medical research partners; certification organizations; and
  •  Other third-parties, service providers, business partners or data brokers

TDC Group website utilizes service providers such as Google Analytics that may collect and retain personal information via files such as cookies. Read Google’s Privacy Policy and

Back to top

Reasons We Collect/Use Information

There are a variety of reasons why TDC Group may collect and disclose your personal information. The reasons are as follows:

  • Perform our services and respond to requests. We may use personal information to analyze and underwrite your policy/submission, including through the use of automated decision making systems, provide the services or products you buy, process payments, administer and handle claims (if any), provide a vigorous multi-disciplinary defense, and perform other services requested by you.
  • Protection and security. We may use personal information to protect the security and integrity of TDC Group, our users, and others.
  • Administrative communications. We may use personal information to send you important information regarding our services, such as changes to our terms, conditions, and policies and/or other administrative information.
  • Marketing communications and mailing lists. We may use personal information to show you content based on your interests, including to notify you about our promotions or invite you to participate in surveys.
  • Research and surveys. We may use personal information from you, our service providers, publicly available sources, and other third parties to conduct healthcare research to improve care and outcomes, including sharing information with academic, professional, or other entities for this research.
  • Internal business purposes. We may use personal information collected from the categories mentioned for our internal business purposes, such as data analysis, audits, developing new offerings, and monitoring or improving the use and satisfaction of our services.
  • Legal and regulatory. We may use personal information to comply with our legal or regulatory obligations (such as compliance with anti-money laundering procedures or tax reporting, and to prevent fraud or other illegal activities).

The types of information that may be gathered by TDC Group in connection with your use of our website, which we would ask you to provide us, include information relevant to your policy and coverage, including information about your training, credentials, work history, and license status. We may also gather information concerning any claims previously instituted against you by patients or actions by licensing bodies.

The information above illustrates, but does not exhaust, the kind of information that may be necessary for TDC Group to collect in order to serve our clients’ insurance-related needs. Subject to the provisions above, we will not intentionally disclose any information of a confidential or sensitive nature unless authorized or we are required to disclose the information pursuant to a court order or request from the courts, law enforcement, or regulatory officials.

TDC Group does not offer financial incentives for the use of personal information.

Back to top

With Whom We Disclose Information

TDC Group may disclose your personal information we collect to the following business partners – including “Contractors”, “Service Providers” and “Third Parties” (as defined by the “CCPA/CPRA”):

  • Subsidiary and Affiliated entities. We may disclose your personal information to our subsidiaries and corporate affiliates, including TDC Specialty Insurance Company, TDC National Assurance; The Doctors Company Risk Retention Group; The Doctors Management Company; The Doctors Company Insurance Services and future subsidiaries and affiliates of TDC Group, to use your information consistent with this Privacy Policy.
  • Service Providers and Contractors. We may disclose personal information to service providers and contractors who provide us with services, such as data analysis, online advertising, payment processing, order fulfillment, IT services, customer service, and other similar services. We grant our service providers access to personal information only to the extent needed for them to perform their functions and require them to protect the confidentiality and security of such personal information.
  • Third Parties. We may disclose personal information to unaffiliated third parties who partner with us to deliver our services or on our commercial activities including reinsurers, brokers, third-party administrators, appointed legal counsel, and other claims professionals. Depending on the elections you have made and the nature of the joint activity, these third parties may contact you regarding products or services of interest. However, we do not sell personal information to unaffiliated third parties for their own marketing purposes.
  • Business transfers or assignments. In the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business or assets (including without limitation in connection with any bankruptcy or similar proceedings), we may transfer any information that we collect from site users or offline to a third party.
  • Law enforcement; emergencies; compliance. We may disclose personal information about you to others as we believe to be appropriate: (i) under applicable law including laws outside your country of residence; (ii) to comply with legal process (iii) to respond to requests from public and government authorities including public and government authorities outside your country of residence; (iv) to enforce our terms and conditions; (v) to protect our operations and property interest; (vi) to protect the rights, privacy, safety, or property of TDC Group, our employees, users of our service, or others; and (vii) to permit us to pursue available remedies or limit the damages we may sustain.
  • At your direction. We may use and disclose your personal information as you otherwise consent.

TDC Group will not voluntarily disclose or use the information except as outlined in this Privacy Policy. TDC Group does not sell or share your personal information for monetary consideration. However, we may disclose your personal information to third parties, contractors and service providers for the purposes described in this Privacy Policy.

Back to top


TDC Group does not knowingly collect personal information of minors without consent from a parent or guardian. If you believe TDC Group possesses personal information of a minor without proper consent and you are the parent or guardian, please contact us using the information listed below.

Back to top

Your Rights (California Residents)

You may have certain rights and choices regarding our processing of your personal information (both personal information and sensitive personal information as defined by the “CCPA/CPRA”) if you are a California resident. California law may entitle you to the following rights:

  • Right to know: You have a right to request TDC Group disclose to you the categories and/or specific pieces of personal information we have collected since January 1, 2022, including whether your personal information is sold or disclosed and the purpose, and to whom it was disclosed. Your right to request such information is limited to twice every twelve (12) months.
  • Right to correct inaccurate personal information: You may have the right to correct that inaccurate personal information.
  • Right to opt-out: You may opt-out of the sale or sharing of your personal information.
  • Right to limit use and disclosure of sensitive personal Information: You may have a right to limit the use and disclosure of your sensitive personal information.
  • Right to delete: You may have a right to request that TDC Group delete your personal information (with limitations).
  • Right to non-discrimination: You have a right not to receive discriminatory treatment by TDC Group for exercising any of the above privacy rights.

Please see below for information on how to exercise your rights. Please note that a large portion of the personal information collected and processed by TDC Group may be out of scope for certain individual rights as it falls under exemptions for information collected under applicable federal laws, including but not limited to the Health Insurance Portability and Accountability Act (HIPAA) and the Gramm-Leach-Bliley Act (GLBA).

Back to top

Exercising Your Rights

To exercise your rights, including submitting a verifiable request, please complete the Data Management Request form or contact us using the information listed below. Because we take the protection of your personal information seriously, in order to process this request, your identity must be verified. We reserve the right to verify your identity in connection with any requests regarding personal information to help ensure that we provide the information we maintain to the individuals to whom it pertains and allow only those individuals or their authorized representatives to exercise rights with respect to that information.

If you are an authorized agent or parent/guardian making a request on behalf of an individual or your minor child, we may require and request additional information to verify that you are authorized to make that request.

We reserve the right to deny your request if we cannot verify your identity. Where we deny your request in whole or in part, we will inform you of the denial, provide an explanation of our actions, and the reason(s) for the denial.

We will not restrict or deny you access to our services because of choices and requests you make in connection with your personal information.

Data Management Request

Back to top

Our Cookies

Your browser may offer “cookies,” temporary files used to facilitate your website access. If you allow their use, cookies store small amounts of data on your computer that allow you to better experience our websites’ features. Cookie information is not shared with any other entity. You may configure your browser to reject cookies and still access our websites.

Third-party sites hyperlinked from TDC Group may contain cookies that are collected by the third-party site owner. These cookies are beyond our control, and we do not have access to this information.

Additionally, when you use our website, some browsers have Do Not Track (DNT) features that allow you to tell a website not to track you. TDC Group does honor the AdChoice DNT signals. Please be aware that limiting the ability of website technologies may limit your experience and in some cases the sites may not work.

Back to top

Hyperlinks to Third-Party Sites

TDC Group website content includes a number of hyperlinks to the sites of third parties. These hyperlinks are provided as a service to our users when the site might contain some pertinent information for our users. The privacy policies of these third-party sites, such as the types of information collected and the use of the collected information, is unknown to and beyond the control of TDC Group.

Back to top

Security and Protection of Personal Information

We assure you that we strive to take commercially reasonable steps to safeguard all such information of a confidential nature. We have put in place reasonable and appropriate technical and information safety safeguards designed to protect against unauthorized or unlawful processing of personal information and against accidental loss, destruction, or damage to personal information. While it is our practice to take reasonable steps to secure personal information, the confidentiality of information transmitted over the Internet cannot be guaranteed. We urge you to exercise caution when transmitting personal information over the Internet.

Back to top


TDC Group reserves the right to amend this Privacy Policy at our discretion and at any time. When we make changes to this Privacy Policy, we will post the updated notice on the website and update the Privacy Policy effective date. Your continued use of the site and our services following the posting of changes constitutes your acceptance of such changes.

Back to top

Contact Us

If you have any questions or comments about this Privacy Policy, the ways in which we collect and use your information described in this Privacy Policy, your choices and rights regarding such use, or wish to exercise your rights, please do not hesitate to contact us at:

Phone (800) 421-2368
Mail PO Box 2900
Napa, CA 94558

Back to top