When you visit the doctor’s office, you have enough on your mind. What’s wrong? What will the diagnosis be? What’s the treatment? The one question patients shouldn’t have to ask is this: “Is my personal health information secure?”
Unfortunately, as our Cyber Liability Practice Leader Nick Maletta pointed out in his Dec. 18 blog post “Don’t Get Burned,” in the first half of 2015 alone, the healthcare industry lost 84.4 million records in 187 cyber breaches — the most of any industry.
Instead of cyber criminals focusing on ways to get financial/credit/debit card information by using skimmers at gas pumps, ATMs, or point-of-sale (POS) equipment, they’re becoming much more sneaky. Would you believe that stolen healthcare records are far more valuable on the black market than financial information? It’s true!
Fueling the increase in healthcare record thefts is the ongoing shift to electronic medical records. Unfortunately, systems containing this data often have low security or aren’t using the latest security features available.
The patient data being offered for sale includes things like names, birth dates, billing information, insurance policy numbers, and even diagnosis codes. Having this information allows the data to be used to fraudulently file fictitious claims and buy medical equipment or prescriptions that can be easily converted to cash. Scary, I know!
What might be scarier is that it’s not uncommon that the patient or insurance provider doesn’t immediately detect the healthcare record has been stolen, potentially giving cyber criminals years to use the patient data before being identified. Typically, patients don’t discover their information has been compromised until they start receiving bills from debt collectors seeking payment for unpaid bills for procedures they never underwent or equipment or prescriptions they never received. This makes medical data far more valuable than financial information, which tends to be promptly canceled by financial institutions once fraud is detected.
Understandably, this topic sparks interest by everyone. After all, no one is “immune” from cyber attacks. So, what steps can you take to control your cyber exposure? Do your current controls use the latest security features available? Helping you avoid and reduce your risk is what we do at Holmes Murphy. Give us a call or send us a message to discuss your cyber liability coverage. You can also comment below and share your thoughts or ask questions! Let’s get the conversation started!