Will Your Doctor’s Office Be Attacked?

Increasingly, healthcare data is being transmitted on the internet.  Doctor’s offices are asking, “What will we do when we have a cyber attack?”  It’s not a matter of “whether” the office’s information will be hacked, but “when.”  Many doctor’s offices – large and small – are evaluating their HIPAA compliance plans and buying cyber insurance to protect against this huge risk.

“The Experian-Ponemon report found that of the health care organizations surveyed for the study, 77% said cyber risk insurance was important. Of those that made a claim against a breach event, 97% said the experience was good or excellent.

As more health care organizations become victims of breaches, awareness and interest in data breach insurance have grown, said Holly Moriarty, small commercial business marketing director for outpatient health care at the Hartford, an insurance company based in Connecticut that sells breach coverage.

NetDiligence, a cyber security firm that conducts risk assessments and data breach services, published a white paper in October 2012 in which it analyzed 137 events reported to breach insurance underwriters between 2009 and 2011. Health care and financial services topped the list as the most frequently breached sectors. The report said the average cost per breach was $3.7 million, the majority of which was legal damages. This figure was lower than the figure calculated by the Ponemon Institute, a data privacy and security researcher in Traverse City, Mich. Its May report, “2013 Cost of Data Breach Study: Global Analysis,” put the average cost per breach in the U.S. in 2012 at more than $5.4 million, or $188 per breached record.”

American Medical News, August 19, 2013

Has your doctor’s office considered buying cyber insurance?  Has your office performed a risk analysis on your IT systems?  This is a requirement of your HIPAA compliance plan.  Have you updated policies and procedures to keep up with the pace of changing technology?

CMS is currently expediting a new rule that will require “breach notification” to the federal government within an hour of a breach.  Do you have a system that will notify you of a breach immediately.  A review of your current HIPAA plan along with consideration of buying cyber insurance should be on your agenda for your upcoming doctor’s meeting.

Related Posts


Recent Posts

Getting Remarried? Here’s What You Need to Know
March 21, 2024
What is the Biggest Threat to Healthcare?
January 30, 2024
How Can I Simplify Estate Planning?
January 11, 2024
I Have a Trust. Now What?
December 7, 2023
Breaking: Corewell Health Breach
December 5, 2023


Subscribe to Our Newsletter

Subscribe and get your FREE copy of Easy Guide to HIPAA Risk Assessments

An essential tool for all healthcare providers, Easy Guide to HIPAA Risk Assessments breaks down the requirements of HIPAA so you can successfully complete your required risk assessment. (an $8.99 value)

Thank you for subscribing to the Rickard & Associates healthcare blog. You'll receive a confirmation email shortly. After verifying your subscription request, you'll be sent to the "Easy Guide to HIPAA Risk Assessments" download page.