We've noticed that you're using an ad blocker

Our content is brought to you free of charge because of the support of our advertisers. To continue enjoying our content, please turn off your ad blocker.

It's off now Dismiss How do I disable my ad blocker?
❌

How to disable your ad blocker for our site:

Adblock / Adblock Plus
  • Click on the AdBlock / AdBlock Plus icon on the top right of your browser.
  • Click “Don’t run on pages on this domain.” OR “Enabled on this site.”
  • Close this help box and click "It's off now".
Firefox Tracking Prevention
  • If you are Private Browsing in Firefox, "Tracking Protection" may casue the adblock notice to show. It can be temporarily disabled by clicking the "shield" icon in the address bar.
  • Close this help box and click "It's off now".
Ghostery
  • Click the Ghostery icon on your browser.
  • In Ghostery versions < 6.0 click “Whitelist site.” in version 6.0 click “Trust site.”
  • Close this help box and click "It's off now".
uBlock / uBlock Origin
  • Click the uBlock / uBlock Origin icon on your browser.
  • Click the “power” button in the menu that appears to whitelist the current website
  • Close this help box and click "It's off now".
  • Topics
  • Health IT
  • Careers
  • Law/Malpractice
  • Compensation
  • Staffing
  • Pearls
  • Contribute to Site

Modern Medicine Network
  • Login
  • Register
Skip to main content
Modern Medicine Network
  • Login
  • Register
Menu
User
Home
  • Topics
  • Health IT
  • Careers
  • Law/Malpractice
  • Compensation
  • Staffing
  • Pearls
  • Contribute to Site

SUBSCRIBE: eNewsletter

Your Cyber-Risk Policy: What it Covers and What it Doesn't

  • Jeffrey D. Brunken
May 31, 2015
  • HIPAA, Health IT, Risk Management, Technology
  • Physicians Practice

In healthcare, we deal with highly sensitive and very private electronic information, so of course our ears perk up every time we see headlines about the latest cyber threat or breach. The natural question is whether this could happen to us. This is constructive if it leads to cyber risk-prevention. But all too often, folks are responding with, "it could not happen to me," or "my insurance policy covers this so I'm prepared." These folks are ignoring the growing cyber threat around all of us. They are whistling past the "cyber" graveyard.

We live in a digital age where almost everything is accessible — even more now with the evolution of EHRs — so we have to run our businesses as though we are all at risk. To be prepared, we must first understand the common sources of cyber risk. Second, we must understand the basics of cyber insurance policies we may or may not have in place.

There are several ways breaches at small healthcare organizations may occur:

1. Disgruntled employees are one of the leading reasons for cyber attacks. They know your systems — likely better than you do — so keep a close watch on them and what type of data they have access to. Really pay close attention to new staff and those that may be on their way out. Also make sure they know they are monitored.

2. Cyber criminals are looking for remote Internet access services with weak passwords. Require and enforce more complex passwords and require employees to change their passwords regularly.

A smart form of cyber protection is a cyber-risk insurance policy. These provide bundled services designed to help you quickly respond to a data breach. However, there are many cyber insurance product options to consider. These range from standalone policies with high limits and comprehensive services to policy add-on coverages typically offering less coverage.

Rather than stumbling through a maze of complicated cyber-related insurance rhetoric, do yourself a favor and review your options with an experienced broker:

• Carefully scrutinize "free" cyber coverage or riders added onto your base coverage. While not totally worthless, the majority come nowhere near covering the exposure of a potential cyber breach (which explains why they are typically thrown in at no additional cost). In reviewing your insurance coverages with your broker, it's easy to brush by this one and mentally check off the fact that you have cyber coverage. Drill into the details of what's covered, as outlined below.

• Find out how much you are covered for and what out-of-pocket expenses you could expect. A data breach at a small physician practice could run into the hundreds of thousands of dollars or even higher. This type of uncovered damage could put a small practice out of business. Some expenses physicians can expect to incur when a breach occurs include legal fees, IT forensic costs, notification costs, credit monitoring costs, and public relations and advertising expenses to reclaim patient goodwill as well as making the public aware of the steps taken to address the breach.

Cyber risk is not just a technology issue. It affects all elements of the healthcare business and needs to be well-planned and mitigated through ongoing education and risk-management programs.

Related Articles

  • HIPAA and the Importance of Data Availability
  • Paper Still Matters in Healthcare
  • mHealth and Adolescents: Deciding Privacy vs. Patient Needs
  • Recent HIPAA Infractions
  • Medical License Retention Tips

Resource Topics rightRail

  • Resource Topics
  • Partner Content
Mobile
Work/Life Balance
Medical Billing & Collections
Coding
HIMSS
Ebook: Improving Your Practice’s Revenue Without Adjusting Your Revenue Cycle Process
Taking an Integrated Data-Driven Approach to Charge Capture
Physician Burnout and the Burden of Documentation
Interface Engines Simplify Interoperability – But Should you Go It Alone?
The impact of patient financial satisfaction on the independent medical practice
Connect with Us
  • Twitter
  • Facebook
  • LinkedIn
  • RSS
Modern Medicine Network
  • Home
  • About Us
  • Advertise
  • Advertiser Terms
  • Privacy statement
  • Terms & Conditions
  • Editorial & Advertising Policy
  • Editorial Board
  • Contact Us
Modern Medicine Network
© UBM 2018, All rights reserved.
Reproduction in whole or in part is prohibited.