Cyber Liability and Online Scheduling
We recently read about an interesting cyber liability case from Arizona. A Phoenix and Prescott surgeon recently had to use his Arizona liability coverage for a very avoidable reason. In a nut shell, the physician posted patients’ appointment information on a public Internet calendar, violating HIPAA regulations, and opening him/herself up to major cyber liability.
While it would be easy to say that such a mistake was stupid, we here at MyMedicalMalpracticeInsurance.com see avoidable errors like this time and time and again. We firmly believe that no physician would intentionally compromise his or her patient’s confidentiality. There is often a feeling that the more things go online, the better and more efficient practices will be –but only if such processes are thought through and put in place carefully. Quite simply, in this age of online media, scheduling, and records, it becomes all too easy to get wrapped up in “getting online” (and getting the latest project checked off the list) that proper safety and confidentiality precautions are often accidentally forgotten.
With any new online or electronic endeavor, the physician or practice manager should ask:
Who should see this information?
Who else could possibly see this information?
How is this information protected?
Is it sufficient?
And, to follow-up on another cyber liability case that we recently reported on, the plastic surgeon who posted before and after photos of his/her patients with identifying information had the claim settled under his/her cyber liability policy from Medical Protective (Med Pro).
The good news is that many of the major medical malpractice insurance carriers provide cyber liability coverage as part of their standard policies. If a carrier does not offer cyber liability coverage with a standard policy, a stand-alone cyber liability insurance policy can be purchased. Contact MyMedicalMalpracticeInsurance.com today if you would like a free quote or any questions about such policies answered.