The White Paper below is a copy of the 6th Annual Benchmark Study on Privacy & Security of Healthcare Data published by the Ponemon Institute, LLC.
While the information is generated around the Healthcare Industry, many findings could apply to Industries in general. Certainly, any industry handling sensitive Healthcare Information (i.e., Nonprofits). Of particular note in the key findings below are points 10 & 11 regarding use of outside Third Parties after the fact. Cyber Policies provide access to these services as a part of coverage terms. Organizations do not want to be negotiating these services at the time of most need.
- Despite increased frequency of data breaches many organizations lack the money and resources to manage breaches.
- Breaches cost the Healthcare Industry an estimated $6.2 billion annually.
- 90% of respondents indicated they experienced a breach within the last 2 years.
- 50% had more than 5.
- The majority involved fewer than 500 records.
- Average cost to Healthcare Organization was $2.2 million.
- Criminal attack is leading cause of data breach (50%), malicious insider (13%).
- 2016 Ramsonware, Malware and denial of service top threats followed by:
- Employee Negligence
- Mobile device insecurity
- Cloud Services
- Employee owned mobile devices
- Successful attacks target Medical Files, Billing Insurance Records
- Healthcare organizations are more likely to engage outside third parties to offer assistance in a cyber attack.
- Outside Legal
- Forensic IT/Security Provider
- Only 1/3 have Data Breach Insurance, even though these policies typically provide:
- Legal Counsel (Entity)
- Forensic IT and Accounting Services (Entity)
- Credit Monitoring (Victims)
- Identity Protection (Victims)
Should you have more questions or would like to discuss this coverage with our Cyber consultants, please reach out to me directly.