I don't think you are. The insurance company will obviously need to know what they are insuring. I initially figured that this would simply require the user to share all of their master public keys with the insurance company, but this is not the case. Ignoring the massive privacy implications of doing this, this wouldn't work since the insurance company would have no proof that the master public keys you have shared with them are actually derived from your seed phrase and stored on your hardware wallet. Even signing messages would only prove ownership, and would not prove that the keys were stored on the hardware wallet.

Even if you found some way to prove that the keys were stored on the hardware wallet, then again there is no way to prove that you haven't duplicated those keys to another wallet. The only way round this I can think of is for the hardware wallet to come pre-initialized, and have no way for the user to access their seed phrase or private keys. This is obviously completely unacceptable, completely insecure, and provides zero back ups, so no one would ever use it.