Cyber-Security Insurance- Does Your Healthcare Facility Need a Policy?
Does your healthcare insurance have a cyber security insurance policy in place? If not, it’s time to find out if it needs one. And that’s exactly what we’re going to help you do in today’s post.
Insurance plays a vital role in most healthcare businesses’ financial success—it’s a tried and true method for mitigating potential risk. While more standard brick and mortar insurance policies are a must for any healthcare facility, small to large, many are forgoing the ever-important cyber security insurance.
This ends up exposing them to a lot of undue risk from technological vulnerabilities. Don’t let this happen to you!
History of Cyber Security Insurance
In the 1990s, individuals in risk management saw an opportunity to build a new network of coverage revolving around the rapidly expanding worldwide web.
One of the first plans developed was conceived by the venerated Lloyd’s of London.
They predicted a business’s potential risk to a business transfer of virus or malware and any associated litigation by the infected company to the infecting company. While this particular type of threat has not proven to be as common as initially perceived, it helped form the building blocks of a new and bustling insurance market.
As the market has continued to grow, the emphasis has been on first-party and third-party coverages that focus on interruption, payment of fines and penalties, credit monitoring costs, public relations costs, and the cost of restoring or rebuilding private data.
Types of Cyber Security Insurance
Today, more than 80 companies are competing in the cyber insurance space.
Types of plans include:
- Network Security—protection against cyber-attacks or hacking.
- Business interruption—covers lost income and other costs due to a potential cyber event.
- Extortion—converge for expenses to investigate credible extortion threats using company data as leverage.
- Reputation Insurance—insurance against attacks on a person or business’s reputation and defamation.
- Theft or destruction—covers the destruction of necessary materials and any damages associated with the theft of materials.
- Computer Damage—covers any costs related to equipment that an attack may damage.
- Information Privacy—protects against any possible lawsuits or fines that can be associated with a violation of data privacy laws implemented by governments.
While there are many different plans and coverage possibilities, most cyber insurers can work directly with your office to craft a plan. You can customize these plans to meet your needs. But, as with any insurance plan, one must ask themselves if the costs are worth protecting.
What does this coverage cost?
According to a study commissioned by AdvisorSmith Solution Inc., they found that the average cost of a cyber liability policy in 2019 was $1,500 per year for $1 million in coverage, with a $10,000 deductible. In 2021, they found those same policies average $1,485 per year or $124 per month.
As for the factors that determine those prices?
They cover a wide range, including but not limited to:
- The size of a business and the industry it operates in
- The sensitivity of the data
- A company’s annual revenue
- The strength of its security networks
(Don’t miss this post for five reasons it’s time to upgrade the cyber security practices at your business today)
Does your healthcare practice need cyber insurance?
Many healthcare practices ask themselves if the return on investment makes cyber insurance worthwhile. The answer requires asking more questions.
If you suddenly had to pay each patient to repair the damage of their stolen data, would you have the funds to do so? Or, if locked out of your patient’s information so you could continue to do business, would you have the thousands of dollars to buy back your data?
Another question to ask is this: are you in a higher-risk industry?
For example, the healthcare industry is especially prone to cyber-attacks as they hold swaths of data on large groups of people. Also, the banking industry contains valuable fiscal information about its clients.
When Anthem was subject to a massive data breach, they were fined tens of millions of dollars by the US Government. Not to mention over one hundred million dollars of civil action litigation. In that case, a cyber insurance plan would provide ample coverage to assist with such a breach.
When considering a cyber security insurance plan that’s right for you, you will answer a wide range of questions to steer your business towards the policy that will best serve your company’s needs.
(Make sure your company prepares for these five major cyber security risks)
Finding the Best Cyber Insurance Policy for You
Some items you should prepare to answer are:
- The value of your business and your amount of exposure.
- Amount of liability desired.
- Questions about your network security and privacy, including questions about:
- How well your staff is trained in security
- Do you have strict policies in place followed by all employees and contractors?
- Does your practice process credit card information?
- Do you collect personal information such as social security information, home addresses, etc.?
- Do you have IT, staff?
- What is your past loss history?
- Do you have media subject to rights and licenses?
Remember, this is just a quick snapshot of the types of questions to be expected when considering cyber insurance. But you can be confident you will need to provide an extensive overview of your network security systems in place as well as general information about your company. These questions will guide a potential provider in working to secure a plan best suited for your needs.
(Wondering how often you need to perform a cyber security analysis? Find out in this post)
Cyber insurance is a field that, like almost all cyber components, is rapidly expanding and growing with the times. While you may have to ask yourself what the reward versus the risk is, it’s great to consider if you have a business that is especially vulnerable to data risk.
Are you interested in having your business’s IT needs evaluated? Then consider contacting CloudNexus for a comprehensive evaluation today. We’ll be happy to help you fill out the insurance application since we are very familiar with the information it requires.
Did you learn a lot from this post? Here are three more to read next:
- Ransomware & Small Businesses: Don’t Let Your Business Fall Victim!
- Why IT Managed Services? Six Key Benefits
- 5 Top Cybersecurity Trends of 2021
This post about cyber security insurance was first published in 2020, but it was updated in 2022.