Cyber insurance may help cover the true cost of a breach
HIM-HIPAA Insider, February 9, 2015
Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!
Even organizations with sound policies, procedures, training, and safeguards can experience a breach. When—not if—a breach occurs, traditional insurance may not be enough to cover the damages. Ensuring that your organization has adopted the appropriate cyber insurance can be valuable in the event of a breach.
For example, if a laptop containing the PHI of 100,000 patients is stolen from your organization, a traditional insurance policy will likely cover the cost of the laptop. However, that policy may not cover the data breach costs that resulted from the theft, including the cost of a forensic investigation, sending notices to affected patients, offering identity protection and credit monitoring for affected patients, and potential civil monetary penalties, says Adam Greene, JD, MPH, a partner at Davis Wright Tremaine, LLP, in Washington, D.C. In the event of a breach, cyber insurance can often cover most of these costs.
"We've seen insurers move toward excluding data security coverage from the general policies and instead require a separate policy for cyber insurance coverage," Greene says. "The costs related to the data are exponentially higher than the costs related to the hardware."
Healthcare organizations should examine their insurance policy to understand whether it simply covers the cost of replacing stolen hardware or covers the activities associated with breach notification and investigation, he says.
Continue reading "Cyber insurance may help cover the true cost of a breach" on the HCPro website. Subscribers to Briefings on HIPAA have free access to this article in the February issue.
Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!
Related Products
Most Popular
- Articles
-
- Don't forget the three checks in medication administration
- Five ways to safeguard your patients' valuables
- Note similarities and differences between HCPCS, CPT® codes
- The consequences of an incomplete medical record
- Q&A: Primary, principal, and secondary diagnoses
- OB services: Coding inside and outside of the package
- Skills of effective case managers
- Practice the six rights of medication administration
- Reimbursement for Facility and Professional Services in a Provider-Based Department by Gina M. Reese, Esq., RN
- Nursing responsibilities for managing pain
- E-mailed
-
- Plan of Care Supports Documentation of Homebound Status
- Q/A: Coding infusions to correct low potassium levels
- Note from the instructor: CMS clarifies billing guidelines on proper billing for drugs in a single-dose or single-use vial, including billing for discarded drugs
- Neurological checks for head injuries
- Modifiers and medical necessity
- HIPAA Q&A: Cameras in patient rooms
- Follow these tips to properly report bladder catheter codes
- Examine cardboard boxes stored on floor to avoid infection control, life safety citations
- Differentiate between types of wound debridement
- Consider two options for coding Rho(D) immune globulin given in pregnancy
- Searched