Chapter 4: Other Technological Risks for Mental Health Professionals
Part 6: What Recourse Do You Have When Your Mental Health Office Is Hacked?
The annual survey by the Ponemon Institute found that cyber attacks on healthcare organizations have increased by 100 percent in the last four years, which means it's extremely important to make your practice's data security a top priority. But first, let's recap the kind of losses you can expect if your mental health practice suffers a data breach:
- You could be fined by the US Department of Health and Human Services (HHS), which enforces HIPAA regulations.
- Your practice's reputation could be damaged.
- Your professional association could revoke your license.
- In some instances, your patients can sue you for failing to protect their privacy.
There are ways to mitigate the whopping financial consequences that accompany data breaches. Many Cyber Liability Insurance policies written for allied health professionals can help pay for these costs. For example, if your Cyber policy is industry-specific, it may…
- Pay for the cost of patching your network security.
- Cover cyber extortion expenses if your records are being held hostage.
- Fund PR measures to rebuild your practice's reputation after the breach.
- Pay for notifying affected parties about the breach (which you must do if the data isn't encrypted).
- Offer some coverage for government fines over HIPAA violations.
Cyber Liability Insurance policies written for mental health professionals may cover HIPAA fines that accompany a data breach at your practice.
Many policies offer coverage regardless of whether the privacy breach was caused by a hacker's meddling or your business's honest mistake. It's important to work with an insurance agent who understands your industry so you can ensure your coverage properly addresses your data risks.
Next: Conclusion & References