L&T Blog

Is Your Private Patient Data Secure? Cyber Liability Can Offer Healthcare Providers Peace of Mind

September 10, 2019

In today’s healthcare environment, IT vendors are vital to managing enormous amounts of healthcare data to increase efficiency, enhance patient care and improve financial performance. However, technology vendors can inadvertently create security gaps – making it possible for destructive data breaches to occur. These vulnerabilities expose private patient information and can destroy an IT vendor’s reputation.

Private Health Information Can Be Easily Put At-Risk

ClearDATA, a market leader for HIPAA-compliant healthcare cloud computing, outlines five common ways technology vendors can put protected health information at-risk in a recent whitepaper. These common security missteps include:

·        Failing to Assess Risk – Too often, vendors do not examine their system’s weaknesses until it’s too late. Undergoing regular checks can assess potential risk and implement safeguards accordingly.

·        Lack of Awareness Regarding System Activity – Apps and hardware that bypass official IT protocol – often in the name of efficiency – could very easily expose this private information. These unauthorized and unsafe practices quickly offer cybercriminals access to your database.

·        Failure to Maintain the System with Software Patches – IT vendors need to ensure all relevant systems are upgraded with security patches. Security patches are one of the most effective ways to fill holes in your system’s security and safeguard data.

·        Lack of Training – No matter how much money is spent on the latest and most sophisticated software, vulnerabilities can quickly develop with human error or inadequate training when it comes to protecting patient data.  

·        Change Management – Whether a healthcare organization is adopting new technology, switching to a new system or combining patient databases, vulnerabilities can easily and quickly arise. During these times, alterations may happen without approval from key IT individuals.

Protect Against Security Breaches with Cyber Liability

As illustrated in the whitepaper, healthcare providers should be especially aware of cyber risk as they work with enormous amounts of sensitive patient data. This private information can be quickly exposed by even the most innocent oversight.

Among the most important steps in preventing a serious breach is investigating what options are available in terms of cyber risk management. Standard insurance policies only insure against physical loss and won’t be too helpful when it comes to protecting individuals’ sensitive health data. On the other hand, cyber liability emerged in recent years as an effective way to combat and protect one’s business against cyber criminals.

As with any insurance, matching an organization to the most appropriate policy is best accomplished on a case-by-case basis. Bringing in a skilled insurance expert can help healthcare organizations navigate the complexities of cybercrime, illuminate potential threats and identify gaps insecurity that may have been overlooked. They’ll recommend a policy based on an organization’s unique risks and challenges.

In the case of a breach, cyber liability insurance can:

·        Cover a loss of data, including private information such as healthcare information, Social Security or credit card information

·        Notify affected parties and provide coverage to cover the costs of ongoing identity theft or credit monitoring needs

·        Help pay for public relations, legal experts and computer forensic specialists to manage investigations and community/media outreach

Moreover, cyber liability gives business leaders access to seasoned industry experts and assures customers their private health information will be swiftly protected.

Contact Lovitt & Touché today to see if cyber liability makes sense for your organization.