The Relationship Between the Medical Sector & Cyberattacks

The recent ransomware attack on the Colonial Pipeline Company sent shockwaves pulsing through the lives of consumers of businesses in the Eastern US. The news and the rippling after-effects of the pipeline shutdown are a harsh and startling reminder of data network vulnerability. 

Hackers Hit the Healthcare Industry Hard in 2020

The healthcare sector was hammered by a doubling of cyberattacks in 2020, with ransomware accounting for 28% of successful breaches. The pandemic led to overburdened systems and personnel, which gave hackers more reason to target medical facilities. 

According to the 2021 Breach Barometer, published by analytics firm, Protenus, 40 million+ patient records were breached in 758 reported incidents. There were 8 million patient records breached by insiders, along with a substantial increase in hacking incidents. 

The penalties in lost productivity, financial costs for fines, paying ransomware demands, employee morale, and consumer trust are substantial for healthcare operations already under stress from Covid-19 on every side. The real threats are reason enough to review or acquire NJ Cyber Liability Insurance coverage for your business now. 

Healthcare Sector Is an Inviting Target for Cyberattacks

Healthcare records are valuable assets to hackers. Adding to the desirability of the target is the number of access points and need by multiple parties to review patient information, which makes healthcare data systems open and thus ripe for opportunities for hackers. 

There are many other problems with cybersecurity in hospitals and medical facilities, including:

• A lack of education on best cybersecurity practices.
• Relatively weak on security medical devices are easy to access as soft target entry points.
• The necessity of sharing patient records requires remote access.
• Outdated and legacy systems not ready for modern-day hacking techniques.
• Data and device proliferation provide growing entry points for hackers.
• Smaller healthcare operations lack a budget for cybersecurity and present backdoor access to larger medical-related businesses.

How to Protect Healthcare Data

Start with an overall understanding of the various methods cyberattacks occur. According to Health IT Security, phishing exploits were surpassed by scanning and endpoint exploiting as the prime means of gaining network entry accounting for 35 percent of attacks in all sectors. Meanwhile, network access from credential theft saw a decrease from 29 percent to 18 percent. Vulnerabilities from unpatched Citrix systems gave rise to endpoint exploits in 2020. Overall, system weaknesses gave hackers an almost 20% success rate with their healthcare sector attacks.

The Digital Guardian blog provides these ten data protection suggestions for healthcare entities: 

1. Educating Healthcare Staff.
2. Restricting Access to Data and Applications.
3. Implementing Data Usage Controls.
4. Logging and Monitoring Use.
5. Encrypting Data.
6. Securing Mobile Devices.
7. Mitigating Connected Device Risks.
8. Conducting Regular Risk Assessments.
9. Utilizing Off-Site Data Backup.
10. Carefully Evaluating the Compliance of Business Associates.

There is much at risk with lots to lose when cyberattacks happen. At the Dickstein Associates Agency, we take an active role in working with our medical office clients to help them secure their business and protect it when inevitable losses occur. Our top-to-bottom medical practice coverage includes NJ Cyber Liability Insurance. 

What Cyber Liability Insurance Covers

Cyber liability insurance helps pay for financial losses from data breaches and other events associated with a cyberattack. Although optional, your protection may include first-party and third-party losses.

When your medical office suffers direct financial losses due to a data breach, first-party coverage kicks in to help pay expenses resulting from the cyberattack. The third-party coverage in your policy covers claims for legal costs, damages, and settlement costs due to injuries that happen due to actions or failure to act by your company.

Your cyber liability policy will help pay to restore data, business income and extra expense losses, extortion fees from ransomware attacks, notification costs to inform third parties of data breaches, costs for reputation and crisis management activities. Examples include hiring computer and cybersecurity experts, legal defense, and forensic accounting fees. Also included are costs for public relations firms to evaluate the damage, identify and notify victims of compromised data, protect the company’s reputation, and pay other loss mitigation fees. 

Get a Complete Insurance Checkup for Your Medical Practice

The insurance professionals at Dickstein Associates Agency are eager to put decades of experience at your disposal to review your current program to reduce your exposures and your premium whenever possible. We are ready and capable of handling all your insurance needs. As independent agents, you gain the advantage of our extensive network of carriers to provide you comprehensive insurance coverage at competitive rates. 

About Dickstein Associates Agency

Dickstein Associates Agency has distinguished itself as a leading provider of personal and business insurance in the tri-state area for over 55 years. We pride ourselves on being advocates for our clients and providing them with quality and affordable coverages. As Trusted Choice™ independent insurance agency, we partner with various national and regional carriers, allowing for flexible and unbiased coverage for each client’s unique circumstances. For more information on how you can leverage all of your insurance to work best for you, and how we can secure the best insurance in the marketplace based on your specific needs and business objectives, contact us today at (800) 862-6662.