Healthcare Settlements Cost Big Bucks - Here's How to Avoid One

The healthcare industry works tirelessly to make sure our bodies are in healthy working order, but that's not to say they aren't vulnerable themselves.

Healthcare providers are often rattled by cyberattacks which can impede their ability to deliver care or leak sensitive personal or financial information on their patients.

While this is tragic in its own right, the troubles aren't over when the attack is over. Some organizations face class-action lawsuits for allowing their network to be breached by cyber crooks.

The key to overcoming these threats lie in improving medical cybersecurity protocols and investing in data breach insurance from a reputable provider.

Below are a few ways cyberattacks can threaten the medical industry and what organizations can do to protect themselves and their patients.

Assailing Health & Wealth
In February 2017, Horizon Healthcare Services Inc. agreed to pay a $1.1 million settlement for failing to properly protect the privacy of close to 690,000 New Jersey-based policyholders.

How did this happen? The company stored the personal information of all the affected consumers on two laptops, which were stolen. To make matters worse, the personal information stored was not encrypted as required by federal law.

Similarly, Tampa General Hospital settled a lawsuit in December 2016 after patient information was allegedly shared with an unauthorized individual outside of the organization by a hospital employee. According to HIPAA Journal, "Fraudsters often target the lowest paid healthcare workers and pay them to steal patients' personal information."

However, Tampa General Hospital denies any wrongdoing and maintains it is not responsible for the actions of former employees. Even so, they agree to pay plaintiffs $10,000 in damages and up to $7,500 in litigation expenses.

So, why exactly are hospital records so valuable to hackers and cyber thieves? In truth, medical records hold all the information necessary to commit identity fraud including names, birthdates, social security numbers and financial information. This data can also be flipped on the dark web, which means quick cash for the hacker and a lifetime of dejection for victims.

Thankfully, there are steps you can take to reduce the chances of a cyberattack:

  • Adopt Encrypted Cloud Storage: The cloud enables organizational users to access and share data across their organization without the fear of unauthorized incursion.
  • Implement Ransomware Detection: Medical organizations are a top target for ransomware scams which lock employees out of a device or network until an extortion fee is paid. Anti-malware software can help to detect and thwart these attacks.
  • Backup Essential Records: Remember to back up your records so if a hacker infiltrates or locks your network, you won't be at a complete loss.
  • Hire an External IT Staff: It can be tough to dedicate the time and resources necessary to defend your network. Try hiring an agency instead.
  • Educate Employees on Common Risks: Employees routinely fall for phishing scams, Trojan downloads and social engineering scams. Train your employees to recognize and avoid these threats.

If you have implemented the proper cybersecurity protocols, there shouldn't be any reason to file a class-action lawsuit against your practice; even if your network is successful breached.

Still, a cyber risk insurance provider like CyberPolicy will be able to insulate your business against financial damages resulting from a cyberattack, lawsuit or extortion.

Interested in learning more about medical cybersecurity? Then visit CyberPolicy today!

© 2016-2020 CyberPolicy, Inc. All rights reserved. CyberPolicy®, "Plan. Prevent. Insure."™, and "CyberCheckup"™ are trademarks of CyberPolicy, Inc.
DBA: CyberPolicy Insurance Solutions CA License No. 0L13180
DBA: CoverHound Insurance Solutions CA License No. 0H52375