Chapter 3: Cyber Liability Exposures for Nurses
When health information is stored digitally, it's especially important to mitigate the chance of data breaches. In fact, HIPAA and HITECH regulations make a point to address this issue and outline strict penalties for professionals who don't do enough to protect medical information from a hack or leak (more on that in the next section).
But even with lots of preparation, it's prudent to have a backup plan for the worst-case scenario. After all, a single data breach (resulting from stolen hard drives, malicious hackers, or mistaken disclosure) can be expensive to clean up. On top of HIPAA fines, you'd likely have to pay for credit-monitoring services, patient notification, and rebuilding your business reputation. A single data breach could cost you hundreds of thousands of dollars.
That's why nurses working with electronic health information can benefit from Cyber Liability Insurance. This policy helps cover the immediate costs following a data breach and protect your personal assets from the resulting fallout.
Depending on your policy, Cyber Liability Insurance may offer coverage for…
- Client notifications to let those affected by the data breach know about the situation and monitor their information. Most state laws require you to make these notifications, depending on the size of the breach.
- Credit-monitoring services, which will monitor the credit of affected parties in case fraudsters try to steal their identities. You're often required to offer this service to those affected by a breach.
- Good-faith advertising to market and rebuild your reputation following a breach.
- Cyber extortion expenses in case hackers or cyber criminals hold the information hostage until you pay them.
Some Cyber Liability policies may cover the cost of HIPAA and HITECH fines, too. Be aware that this isn't necessarily guaranteed in your Cyber Liability policy and the coverage likely depends on the specifics of both your policy and the breach incident. Nurses should consult with their insurance agent to determine what their policy does and doesn't cover and ask about the HIPAA penalty coverage.
With data breach risks becoming more widespread and the penalties associated with them becoming increasingly severe, Cyber Liability Insurance makes sense for healthcare professionals worried about their cyber exposure. It can provide the necessary financial backing to survive a data crisis, but it can't prevent one from happening. You'll still need to implement good risk management strategies when handling and storing sensitive data.
For more information on how healthcare professionals can manage their data breach risk and how Cyber Liability Insurance can protect them, read this article by Woodruff Sawyer and Company.
And now that you know there's an insurance policy to address your data security risks, let's take an in-depth look at what HIPAA and HITECH require of small nurse businesses.
Talk to your insurance agent to see if your Cyber Liability Insurance policy can cover HIPAA and HITECH fines associated with a data breach.