Why do I need cyber liability insurance?
Because data breaches can arise from many sources, cyber insurance is recommended for all medical practices. All TMLT policies have a cyber liability endorsement that provides a limit of $100,000.
Read about cyber claims here: Case Briefs — Ransomware and Cyber fraud case study: Failure to recognize phishing email.
How much does cyber liability insurance cost?
For TMLT policyholders, the embedded cyber insurance is provided for no additional premium. Policyholders also have an option to purchase higher limits.
What does cyber liability insurance cover?
The majority of cyber insurance policies include coverage to restore or recover lost or damaged computer programs and data; for breach response services for patient notifications and credit monitoring expenses; for crisis management and public/media relations; for cyber extortion and cyber terrorism; and for cyber crime/financial fraud. Some cyber liability policies also include coverage for the loss of revenue and extra expenses due to a business interruption.
Policies also typically includes coverage to defend claims related to security and privacy breaches resulting in the disclosure of confidential information; for regulatory investigations and fines and penalties; and for claims related to media liability alleging personal injury or invasion of privacy. Some policies also include coverage for errors and omissions.
How do I know if I need higher limits?
How much cyber insurance to carry is a decision only you can make, based on your risk tolerance and your confidence in your current cyber security measures.
It is difficult to know how much a breach would cost. If all your patient records were breached, how many patients would that affect? If the breach is investigated by the Office of Civil Rights, it could take more than a year to resolve. Many hacking and ransomware attacks require a forensic analysis to be done as part of the investigation. These costs add up, and many practices carry higher limits.
How can I manage my cyber risks?
Cyber threats require urgent attention and can quickly become catastrophic if not dealt with decidedly. Cyber liability coverage helps your practice survive these incidents by covering losses from cyber-related events.
However, cyber insurance is not a substitute for a good cyber security program, as not all losses can be covered by insurance. The benefits of an effective cyber risk management program and disaster recovery plan include prevention of cyber losses; preservation of electronic data; continuity of business; fulfillment of commitments to patients; compliance with privacy and security laws; and protection of the practice’s reputation.
TMLT offers cyber security tools and resources to help physicians prepare for and mitigate breach incidents. Organizations often need external assistance with their risk assessments and privacy training.