• E-mail
• Print
• RSS

Privacy and security primer: Tips from the February issue of Briefings on HIPAA

HIM-HIPAA Insider, February 16, 2015

Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!

1. Ensure that your organization has adopted the appropriate cyber insurance, as it can be valuable in the event of a breach.
2. Organizations often operate based on the misconception that their general liability insurance will adequately cover the cost of a breach, but this is not always the case.
3. Examine your organization's insurance policy to understand whether it simply covers the cost of replacing stolen hardware or covers the activities associated with breach notification and investigation.
4. Although not all breaches result in medical identity theft, organizations should offer credit monitoring and/or identity theft protection for patients affected by a breach.
5. Some cyber-insurance policies cover breach investigation and notification, but not fines and settlements resulting from these investigations. However, a comprehensive cyber insurance may cover all of these costs.
6. Electing cyber insurance is often a task left to risk management departments, although privacy and security officers can help their organizations understand the true cost of a breach before purchasing cyber insurance.
7. Ensure that workforce members who are regularly involved in breach response and risk assessment are at the table when your organization selects its cyber insurance policy. Otherwise important details or features may be lost.
8. It may seem as if larger organizations would need more coverage than smaller ones, but this decision cannot always be based on the size of a facility.

Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!

• E-mail to a Colleague
• Print
• RSS
• Archive