Cyber Threats to your Practice in Simple Terms
- -
Confused by cyber threats to your practice? You just might consider the Orient Express!
By Matt Gracey
According to the Ponemon Institute Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data, published in May 2016, “Data breaches in healthcare are increasingly costly and frequent, and continue to put patient data at risk. Based on the results of this study, we estimate that data breaches could be costing the healthcare industry $6.2 billion.2
According to the findings of this research, over the past two years the average cost of a data breach for healthcare organizations is estimated to be more than $2.2 million. No healthcare organization, regardless of size, is immune from data breach. Over the past two years, the average cost of a data breach to BAs represented in this research is more than $1 million.”
Cyber threats to healthcare practices include:
- Network Security and Privacy Liability. This is the main and most common threat: Patient records get compromised due to a breach. According to a recent Ponemon Institute study, nearly 90% of medical practices have had their records compromised in the last two years.
- Cyber Extortion and Other Crime. Cyber terrorists are showing up right on your computer monitor, often in living color, and the FBI and police are seemingly powerless to help. Ask around and you will find someone close to you who has already had this happen as cyber extortion becomes more and more common.
Should your practice fall victim to a cyber attack, it could be quite costly:
- Breach Response Costs. From the moment you find out your patient records have been breached, you will need to take action (no, not a long trip to the Orient). Costs include notifying all of your past and present patients. Do the math…this one is scary! The regulators also usually require you give your patients credit-monitoring services for at least a year after the breach. These are just two of the main response costs, but there are many others.
- Regulatory Defense and Penalties. Yes, the regulators want their share too…lots more costs here… Just like building out an office or home, you cannot even begin to imagine how much the fees, fines, and penalty costs can be in a bad breach. (That Orient trip is starting to look cheap!)
- Crisis Management and Public Relations Costs. You thought marketing your practice was expensive, right? Wait until the public relations and media costs hit after a cyber breach event! (Yes, I have heard the meals on the Orient Express are quite good!) Your practice needs to stay out front with the public messaging after a cyber crisis erupts (or you might need to be opening your practice in the Orient soon).
- System Damage and Business Interruption. Think all of these events won’t completely distract you from practicing good medicine, or even challenge you to keep your doors open with computers that are actually still working? Comprehensive insurance coverage includes your computer equipment and can even reimburse for lost revenue due to a cyber breach.
OK, so I know what you are thinking…reaching out to your favorite travel agent sounds much better, but afterwards you might just think to find a specialized insurance agent who can help find you great cyber coverage so you can actually take that Orient Express trip and come back to a functioning practice!
Try us…Danna-Gracey…but please, just promise to send pictures of those smiling train porters.
Ponemon Institute
Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data
Ponemon Institute© Research Report
Publication Date: May 2016
“Data breaches in healthcare are increasingly costly and frequent, and continue to put patient data at risk. Based on the results of this study, we estimate that data breaches could be costing the healthcare industry $6.2 billion.2 Nearly 90 percent of healthcare organizations represented in this study had a data breach in the past two years, and nearly half, or 45 percent had more than five data breaches in the same time period. The majority of these breaches were small, containing fewer than 500 records. According to the findings of this research, over the past two years the average cost of a data breach for healthcare organizations is estimated to be more than $2.2 million. No healthcare organization, regardless of size, is immune from data breach. Over the past two years, the average cost of a data breach to BAs represented in this research is more than $1 million.”