More on Data Breaches & Data Breach Insurance
It’s nice when the rest of the world seems to be catching up to you. If you are a regular reader of this blog, you know that we have been talking about data breaches and data breach insurance for years now. While businesses have long protected themselves from natural disasters like fires and tornadoes, there is growing evidence that more and more companies, including smaller medical practices, are now also considering a data breach a disaster that they should protect themselves against, according to a recent AMedNews.com article on the subject.
The growing list of practices, hospitals and health systems that have been affected, fined, and publicly scarred has caused even the smallest of practices to take notice. Smaller practices are realizing that they, too, are vulnerable, and perhaps even more vulnerable –considering many practices don’t have a full-time IT staff member or someone on their staff dedicated to online security, much less formalized policies and practices that are enforced throughout the practice –not only for electronic medical records, but also for portable devices (like laptops and tablets), personal phones and devices, etc.
A new study from Experian and the Ponemon Institute (of companies in general, not just health care organizations) shows that 32% of health care companies have data breach insurance and 41% are interested in getting it. Of those health care organizations who had data breach insurance and had to use it, 97% of the respondents said the experience was good or excellent. The Ponemon Institute also said in its recent study that the average cost of a data breach for a company in 2012 was $5.4 million, or $188 per breached record.
We hope that hard numbers like these can make the case for data breach insurance –where the costs of a data breach can include: costs to notify victims, legal defense costs, forensic and investigative costs, replacement of lost or damaged equipment, regulatory penalties and fines, revenue losses, third-party liability, communication costs to regulators, employee productivity losses, and brand damage, among other costs.
While some medical malpractice insurance policies include data breach coverage, many do not. If you are considering data breach insurance, you should first contact your medical malpractice insurance agent or refer to your policy. If you don’t currently have coverage, you can contact us today for a free, no obligation data breach insurance quote.