Healthcare is a top target for cybercriminals, with both large and small providers being increasingly at risk of cyber attacks. Cyber insurance typically provides coverage for financial, tangible and intangible losses related to cyber incidents. Specific coverage will depend on your insurance provider’s policy.
Consider the following when determining whether you need to add cyber insurance to your personally held professional liability insurance package:
- Am I self-employed, do I operate a private practice?
- Do I have employees or contracted staff? If so, do they have annual cyber security training on ransomware, phishing, etc.?
- Am I using electronic medical records or clinical information systems? Do they have their own cyber protection guarantees?
- Do I or my staff digitally collect and store personal and/or health information about clients?
- Do I use cloud services or other third-party providers, and do I know the extent of their data security protocols and protection coverage?
- Do I have resources for cyber defense such as tech support for my information systems (computers, mobile phones, cloud storage)? Do I also apply these cyber defenses to any personal devices that I or my staff use in our practice?
- Am I able to cover costs of data restoration, information system restoration, downtime caused by cyber-attacks, and potential lawsuits?
- How would I manage breach and related response costs (legal, forensics, public relations, crisis management, notifying individuals)?
- Do I know whether my equipment (computer, mobile phone, other) is secure?
- Does my employer protect me if I unintentionally cause a breach in their information systems (e.g., if I click on a suspicious email attachment or link)?
Reflecting on these questions and consulting with your insurance provider can assist you in determining your level of risk and need for cyber insurance.