Error Omissions
Error Omissions
Submit your information below so we can contact you with a FREE quote
[All fields are required.]
Actual Annual Revenue:
Verify:
=
I have read and agreed to theTerms & Conditions
Error Omissions
Error Omissions

2015 Healthcare Industry Facing More Data Breaches

The Year Ahead Sees Healthcare Industry Facing More Data BreachesRobust Security Measures, Cyber Liability Insurance Integral to Risk Mitigation

 

A new report from Experian cites the healthcare industry as continuing to be an attractive target for cyber criminals into 2015 due to the sector’s expanding number of access points to protected health information (PHI) and other sensitive data via electronic health records and the growing popularity of wearable technology.

According to Experian’s second annual Data Breach Industry Forecast, healthcare organizations accounted for about 42% of all major data breaches reported in 2014. “We expect this number will continue to grow until the industry comes up with a stronger solution to improve its cyber security strategies,” said Michael Bruemmer, vice president at Experian Data Breach Resolution, in a written statement.

As we discussed in previous articles, the report underscores the fact that healthcare organizations face the challenge of securing a significant amount of sensitive information stored on their network. This combined with the economic value of a medical identity string makes them an attractive target for cybercriminals. Add to this the fact that many doctors’ offices, clinics and hospitals may not have enough resources to safeguard their patients’ PHI, and the situation is exacerbated.

According to the Experian, patients’ Medicare cards, which are often carried in wallets for doctors’ visits, are particularly vulnerable as they contain valuable information such as a person’s Social Security number that can be used for fraud if they get into the wrong hands. Experian adds that it is “not aware of any federal or law enforcement agency which tracks data on SSN theft from Medicare cards, but the problem is widely acknowledged.”

The takeaway from the report: Healthcare organizations will need to step up their security posture and data breach preparedness or face the potential for scrutiny from federal regulators. In fact, earlier this year, the FBI released a private notice to the healthcare industry warning providers that their cyber security systems are lax compared to other sectors. A memo reportedly stated, “the healthcare industry is not as resilient to cyber intrusions compared to financial and retail sectors, therefore the possibilities of increased cyber intrusions is likely.” Moreover, according to the Ponemon Institute, 72% of healthcare organizations say they are only somewhat confident (32%) or not confident (40%) in the security and privacy of patient data shared on health insurance exchanges. Ponemon also reported that the potential cost of breaches for the healthcare industry could be as much as $5.6 billion annually.

In addition to robust and nimble cyber security measures, healthcare providers across the spectrum should be carrying Cyber Liability/Privacy & Network Security coverage in the event a breach occurs.

Cyber Liability coverage will pay for damages resulting from improper information disclosure, which can result in substantial liability judgments, severe penalties and fines, and significant costs for forensic analysis, notification to patients, and crisis management, among others.  The professionals at Axis Insurance Services work with several top-rated insurers that provide Cyber coverage to the healthcare industry. Give us a call at (877) 787-5258 to discuss this risk and how we can help you mitigate your exposures with a program designed for you.

Sources: Experian, Ponemon

Comments

comments

Blogged on: December 15, 2014 by Mike Smith
Error Omissions
Error Omissions
Submit your information below so we can contact you with a FREE quote
[All fields are required.]
Actual Annual Revenue:
Verify:
=
I have read and agreed to theTerms & Conditions
Error Omissions
Error Omissions