Page 4 - SFHNAugust2020finalUF.qxp_SFHN 0608 Friday 5.0
P. 4
Cyber Attacks on Healthcare
Companies Increasing as More
Employees Work from Home
BY VANESSA ORR
When the COVID-19 crisis hit, many
businesses sent their employees home to
work remotely. And while this may have
helped to keep the companies running,
it also created the opportunity for cyber
criminals to access confidential informa-
tion.
“We’re seeing a number of cyber issues
relating to the COVID pandemic, includ-
ing practices that have had their systems
breached or hit with ransomware
issues,” said Matt Gracey, medical mal-
practice insurance specialist at Danna- Matt Gracey
Gracey, the largest independent medical
malpractice insurance agency in Florida. focused on COVID and not its computer
“Healthcare is the #1 target for cyber crim- systems,” he added. “It’s a real Achilles’
inals, and it’s getting worse; the World heel at the moment.”
Health Organization (WHO) recently
reported that there’s been a fivefold Is Your Practice Covered?
increase in cyberattacks on their organiza- According to Gracey, doctors need to
tion since the COVID crisis began.” get in touch with their insurance agents
Any company that has a security breach as soon as possible to review their cyber
as the result of people working from home liability coverage. “Most doctors have
offices may be liable, and can be sued for very minimal coverage; our experience is
the unauthorized release of confidential that the majority have their cyber cover-
patient information. Gracey gives the age either through their property pack-
example of the Florida Orthopedic age policy or through their malpractice
Institute, which is being sued for $99 mil- insurance policy.
lion on behalf of patients for the compa- “Either way, most of the cyber cover-
ny’s failure to keep their information age we see out there is insufficient to
safe. cover the risk a practice is taking on the
On top of being sued, companies also cyber side,” he added, advising that busi-
face the likelihood of being fined by the nesses get a stand-alone, robust policy
government for HIPAA (Health that has much broader coverage. These
Insurance Portability and Accountability policies should also include access to a
Act) violations. comprehensive and robust response
team to solve any problems that arise.
The Perfect Storm “Part of the problem with cyber claims
In addition to having employees work- is that you can call your IT people after
ing from non-secure home offices, many a ransomware attack, but they can only
healthcare companies are also at risk do so much,” Gracey said. “Many prac-
from having to reformat their practices tices call their attorneys to help, but they
in the age of social distancing. have no expertise in this area. A good
“I’ve read that within the first two policy has a whole response team that
weeks of us shutting down as a country moves in to handle the issue, even nego-
back in the spring, between 80 and 90 tiating with the hackers.”
percent of healthcare providers initiated Gracey added that while healthcare
telehealth practices in some form or providers may not be able to completely
another,” said Gracey. “The vast majority avoid cyberattacks, taking a proactive
of practices went from very limited use role in protecting their patients’ informa-
of telehealth to some form of it, ranging tion—and their own practices—is vital.
from FaceTime to something more “Having good, solid protocols in place
sophisticated. You can image the cyber can help to lessen HIPAA violations;
security issues that come from an entire even if they fail, the government takes
industry sector rushing to get into a into account that you didn’t ignore the
form of communication that they’ve not risk,” he said. “There are going to be a
used before.” lot more information breaches in the
Cyber criminals also have gotten quite future, so doctors should be doing every-
acute at targeting potential victims, cre- thing they can to protect themselves
ating new scams centered around the from cyberattacks.”
COVID-19 crisis.
“They are doing things that range from To find out if you’re prepared, contact
offering fake diagnostic tests to phishing Matt Gracey or Tom Murphy at
scams representing themselves as the (800) 966-2120 or
CDC and asking to audit a practice for visit www.dannagracey.com.
safety reasons,” said Gracey. “They have
created quite a number of malicious
websites advertising all kinds of help for
COVID issues, when really all those sites
are doing is loading malicious software
onto emails and websites.
“Cybercriminals are working double-
time against U.S. healthcare, which is
E-mail Your Editorial Submissions to
editorial@southfloridahospitalnews.com
4 August 2020 southfloridahospitalnews.com South Florida Hospital News
