Page 11 - SFHN917pages40pfinal.qxp_SFHN 0608 Friday 5.0
P. 11
Malpractice Insurance
EXPERT ADVICE
Cyber Attacks in Healthcare
Last November I read an article that broke down the price of data on the black mar- you can get up to $1 million for an additional cost. I
ket. It estimated that a credit card number is worth $1, a Social Security number is would strongly advise you to check your coverage, as
worth $3, and a medical record is worth $200. This really caught my attention and I you may only have the basics covered. Bear in mind
wondered what the “value” differential was all about. that $50,000 is not appropriate coverage in the event BY JULIE DANNA
I did some casual research on what exactly “cyber thieves” wanted from the health- of a good-sized cyber attack, as the average cost of
care world. As it turns out, a medical record with personal health information (PHI) handling a medical practice’s data breach is $201* per
is not only data rich, but it could be years before the victim knows their information patient/customer’s record.
has been compromised. Here are some of the costs associated with a cyber/privacy breach*:
Cyber thieves use PHI a number of different ways. With the lab results, medication • Customer notification: $1 - $2 per patient record regardless of whether they are
records, insurance numbers, and even the PINs and security questions that patients a current patient
use to protect their information, they are able to file fraudulent insurance claims, • Forensic research and data-recovery consultation: $250 – $300 per hour
receive medical treatments - including surgeries, and obtain prescription drugs or • Legal fees: $400 – $600 per hour
medical equipment. In addition, they can sell your identity on the black market. • Credit-monitoring subscriptions: $10 – $20 per patient/person
A recent survey of healthcare organizations found that 90% reported at least one • Credit card reissuance fee: $10 -$30 per credit card
data breach within the past two years, with an average economic impact of $2 million • Information hotlines for customer support: $5+ per call
per incident. According to a March 2014 report from the Ponemon Institute, cyber In closing, you are not only at risk by criminals but from a severe storm causing a
breaches of PHI could cost the U.S. healthcare industry as much as $5.6 billion annu- power surge and damaging or destroying your entire database, human error, and final-
ally. ly intentional criminal activity from either inside or outside of your organization.
As an insurance agent who has been working solely in the healthcare arena since If you aren’t sure whether or not you need to purchase additional cyber coverage,
1994, this caused me great concern for the doctors and healthcare facilities that I contact a cyber-insurance specialist.
assist. Consequently, I read everything I could get my hands on, obtained my Cyber
Risk Management Certification, and aligned myself with leaders in cyber insurance. Julie Danna, medical malpractice insurance
Relieved, I thought, “No problem. Healthcare providers already have coverage for any specialist with Danna-Gracey, can be reached
cyber attacks included on their malpractice insurance policies, so it’s all good,” at (888) 720-0144 or julie@dannagracey.com.
although something kept gnawing at me. Just to be safe I created a spreadsheet out-
lining the cyber coverage on major malpractice insurance carriers’ cyber policies, and * According to the Ponemon Institute’s
that’s when I realized that some of the important coverages were missing. 2014 annual study
Most of you who have medical malpractice insurance with a major carrier have
cyber/privacy breach coverage, typically $50,000 (one actually offers $100,000), and
No exit strategy? Everything
you built could be at risk.
Kevin N. Fine, MHA
Ƥ̻Ǥ
Ǥ
You’re proud of the practice you built. But what about the future?
In this volatile environment, delaying exit planning may destroy the value you created.
Ƥ ǯ
Ǥ
South Florida Hospital News southfloridahospitalnews.com September 2017 11
