Error Omissions
Error Omissions
Submit your information below so we can contact you with a FREE quote
[All fields are required.]
Actual Annual Revenue:
Verify:
=
I have read and agreed to theTerms & Conditions
Error Omissions
Error Omissions

After a Data Breach at a Healthcare Facility, What’s Next?


Steps to Take to Mitigate Exposures After a Healthcare Data BreachSteps to Take to Mitigate Exposures After a Healthcare Data Breach

In our blog last month, we highlighted projections that have the healthcare industry looking at a continued high incidence rate of data breaches as we enter 2015. This is on the heels of healthcare organizations accounting for about 42% of all major data breaches reported in 2014, according to the Identity Theft Resource Center and Experian.  How do you prepare for this? First, be sure to beef up security measures to mitigate the ever-growing risk of a data breach. At the same time, make sure you have the proper cyber liability insurance coverage in place. There are different policies on the market with various provisions therefore it’s important that a policy is designed for your specific organization. The professionals at Axis Insurance Services who specialize in cyber liability can assist you in securing the right type of coverage.

But what happens when secured patient or employee data is comprised? Is there a plan in place? What steps should a healthcare organization take to minimize exposure to a lawsuit?

 

  • Hire an attorney familiar with handling data breaches, one who knows how to handle the situation in a timely fashion and can avoid costly missteps. The attorneys you have on staff or on retainer may not have the experience needed to deal with cyber issues.
  • Be sure to notify authorities immediately following a breach in addition to affected patients. The state and federal authorities you need to notify will depend on your jurisdiction. A data breach could be in violation of HIPAA laws and result in fines and penalties if not reported properly.
  • Implement a crisis management plan to mitigate public fallout from a breach. The best thing to do is to hire a PR firm specializing in handling these types of crises. The potential cost of losing public trust can be significant if not managed properly.
  • Pinpoint where and how the breach occurred by engaging a forensic expert to work with your IT staff. This involves evaluating your facility’s systems and security protocols to determine where failures occurred. Once you know the source of the problem, you can take steps to implement greater security measures.
  • Be sure to continually review your organization’s policies and guidelines for secured data. Cyber criminals are always a step ahead looking for vulnerabilities and ways to comprise personal health information. Also, be sure to train employees to follow the protocols in place to mitigate the risk of a cyber attack.

 

Many of the costs involved in a cyber attack, such as patient notification, forensics, PR and crisis management, business interruption, defense costs in the event of a lawsuit and third-party liabilities can be insured under a comprehensive cyber liability policy. Give us a call at (877) 787-5258 to discuss your medical facility’s cyber insurance needs.

Comments

comments

Blogged on: January 9, 2015 by Mike Smith
Error Omissions
Error Omissions
Submit your information below so we can contact you with a FREE quote
[All fields are required.]
Actual Annual Revenue:
Verify:
=
I have read and agreed to theTerms & Conditions
Error Omissions
Error Omissions