Will Your Doctor’s Office Be Attacked?

Increasingly, healthcare data is being transmitted on the internet.  Doctor’s offices are asking, “What will we do when we have a cyber attack?”  It’s not a matter of “whether” the office’s information will be hacked, but “when.”  Many doctor’s offices – large and small – are evaluating their HIPAA compliance plans and buying cyber insurance to protect against this huge risk.

“The Experian-Ponemon report found that of the health care organizations surveyed for the study, 77% said cyber risk insurance was important. Of those that made a claim against a breach event, 97% said the experience was good or excellent.

As more health care organizations become victims of breaches, awareness and interest in data breach insurance have grown, said Holly Moriarty, small commercial business marketing director for outpatient health care at the Hartford, an insurance company based in Connecticut that sells breach coverage.

NetDiligence, a cyber security firm that conducts risk assessments and data breach services, published a white paper in October 2012 in which it analyzed 137 events reported to breach insurance underwriters between 2009 and 2011. Health care and financial services topped the list as the most frequently breached sectors. The report said the average cost per breach was $3.7 million, the majority of which was legal damages. This figure was lower than the figure calculated by the Ponemon Institute, a data privacy and security researcher in Traverse City, Mich. Its May report, “2013 Cost of Data Breach Study: Global Analysis,” put the average cost per breach in the U.S. in 2012 at more than $5.4 million, or $188 per breached record.”

American Medical News, August 19, 2013

Has your doctor’s office considered buying cyber insurance?  Has your office performed a risk analysis on your IT systems?  This is a requirement of your HIPAA compliance plan.  Have you updated policies and procedures to keep up with the pace of changing technology?

CMS is currently expediting a new rule that will require “breach notification” to the federal government within an hour of a breach.  Do you have a system that will notify you of a breach immediately.  A review of your current HIPAA plan along with consideration of buying cyber insurance should be on your agenda for your upcoming doctor’s meeting.

Related Posts


Recent Posts

Is the FTC Banning Non-Competes?
January 31, 2023
Legal Documents for Your Graduating Senior
January 26, 2023
Can I Terminate My Physician Employment Agreement?
January 24, 2023
Do You Worry About Your Parents’ Health?
January 19, 2023
How Do I Escape My Non-Compete Clause?
January 17, 2023


Enter your email to subscribe now and receive your FREE HIPAA Risk Assessment book!

An essential tool for all healthcare providers, Easy Guide to HIPAA Risk Assessments breaks down the requirements of HIPAA so you can successfully complete your required risk assessment.


Get it now for FREE (an $8.99 value!)

One more step! Please check your email to confirm your subscription and receive your FREE book!