Healthcare organizations are entrusted with the crucial task of keeping patients happy and healthy. Yet sadly, they aren't doing enough to keep themselves healthy and free of digital incursion. Believe it or not, the healthcare industry is one of the leading targets for cybercrime. Isn't it time you boosted your organization's immune system?
Cyber insurance for medical practices has proven itself a valuable support system for organizations who have fallen prey to data breach or cyberattack. However, there are two types of insurance to be aware of - first- and third-party coverage.
First-party coverage covers the cost of immediate response to an incident such as loss of income due to an operations interruption, data theft or extortion. This is especially helpful for hospitals and doctors' offices since these are the number one target for ransomware attacks.
For those who don't know, a ransomware attack is a harmful malware program that uses encryption to lock legitimate users out of their own devices or network until a lump sum is paid to the aggressor. The typical ransom runs somewhere between $300 and $2,500 for small businesses, but can cost up to $17,000 for healthcare organizations. And hackers know some organization will pay up, since they need to get back to their patients.
Additionally, downtime for similar attacks has an average cost of $488 per hour per physician, not to mention that the cost for a corrupted or stolen record amounts to $363 per record. Can your organization handle these expenses alone?
Third-party coverage goes a little further by protecting the policyholder from claims levied by third parties such as customers or clients affected by the breach. This covers things like legal fees, settlements, media liability, privacy liability and credit monitoring.
While it's true that personal financial data breaches are more likely to generate headlines, medical organization are not immune to litigation. Tampa General Hospital, for example, agreed to pay plaintiffs $10,000 in damages and up to $7,500 in patients' legal fees after an employee allegedly leaked patient information to a cybercriminal.
It might surprise you to learn that patients' medical records are highly sought after in the digital black market, otherwise known as the dark web. For comparison, a stolen credit card number is worth about $1 to $3 online, whereas a patient's complete medical record runs between $30 and $40. That's because credit cards can be canceled, they expire. But medical records contain names, addresses, social security numbers and more information that is perfect for all-out identity theft.
If you are struck by a cyberattack and your patients are negatively affected, there is a high chance your organization will face litigation.
Of course, you'll want to sure up your security so you won't need to fall back on your cyber insurance safety net. Here are a few ways to stymie attacks before they happen: