Health Information Management

Cyber insurance may help cover the true cost of a breach

HIM-HIPAA Insider, February 9, 2015

Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!

Even organizations with sound policies, procedures, training, and safeguards can experience a breach. When—not if—a breach occurs, traditional insurance may not be enough to cover the damages. Ensuring that your organization has adopted the appropriate cyber insurance can be valuable in the event of a breach.

For example, if a laptop containing the PHI of 100,000 patients is stolen from your organization, a traditional insurance policy will likely cover the cost of the laptop. However, that policy may not cover the data breach costs that resulted from the theft, including the cost of a forensic investigation, sending notices to affected patients, offering identity protection and credit monitoring for affected patients, and potential civil monetary penalties, says Adam Greene, JD, MPH, a partner at Davis Wright Tremaine, LLP, in Washington, D.C. In the event of a breach, cyber insurance can often cover most of these costs.
"We've seen insurers move toward excluding data security coverage from the general policies and instead require a separate policy for cyber insurance coverage," Greene says. "The costs related to the data are exponentially higher than the costs related to the hardware."
Healthcare organizations should examine their insurance policy to understand whether it simply covers the cost of replacing stolen hardware or covers the activities associated with breach notification and investigation, he says.
Continue reading "Cyber insurance may help cover the true cost of a breach" on the HCPro website. Subscribers to Briefings on HIPAA have free access to this article in the February issue.

Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!

    Briefings on APCs
  • Briefings on APCs

    Worried about the complexities of the new rules under OPPS and APCs? Briefings on APCs helps you understand the new rules...

  • HIM Briefings

    Guiding Health Information Management professionals through the continuously changing field of medical records and toward a...

  • Briefings on Coding Compliance Strategies

    Submitting improper Medicare documentation can lead to denial of fees, payback, fines, and increased diligence from payers...

  • Briefings on HIPAA

    How can you minimize the impact of HIPAA? Subscribe to Briefings on HIPAA, your health information management resource for...

  • APCs Insider

    This HTML-based e-mail newsletter provides weekly tips and advice on the new ambulatory payment classifications regulations...

Most Popular