The Real Threat of Medical Information Data Hacking

June 19, 2015

Medical Groups, individual providers and facilities, institutions, surgery centers and medical foundations across the country are being affected by these attacks of electronic medical records. The dangerous and costly data breaches are becoming more and more common. There breaches that affect only individuals and there are those that affect millions and millions of records.

Mining Identity and financial data

One such breach that occurred recently in Indiana affected only patients who were using a program called
‘my lab results’ - an external patient network portal. The company that operates the lab result platform reported that the attack on its main network began early May and wasn't detected for 3 1/2 weeks. This is, unfortunately, the norm for cyber-attacks …: the hackers learn how to access information and then mining that data for weeks.

They continue to copy that sensitive data …and, in this particular major breach, when the breach was discovered, an investigation was immediately launched. The company engaged forensic technology auditors to discover how many patients have been affected.

Oftentimes, FBI cyber squads are notified and investigations are ongoing. Last year in Indiana the Atty. Gen.'s office received 395 separate data breach notifications according to the South Bend Tribune.

Of those the South Bend Tribune reports 36 were federal government agencies operating within the state of Indiana.
This year, by mid-April the office received 150 breach notifications which included up to 4 1/2 million records belonging to Indiana state residents alone.

Health Care Organizations are at risk for data breach

Experts say that the next frontier for data breach seeks is the healthcare organizations across the country. There are new federal legislations that are under consideration which would tighten laws governing data collection and storage and require more prompt notification of these breaches. Unfortunately, this means that there will be more, higher restrictions and a higher duty of care on physicians and groups to manage the data. The idea is the faster we all know about this crime the more he can collaborate to deter future attacks and mitigate the damage.

Protecting Data to avoid the breach!

The work that is being done in cyber liability and protection area is similar to what started years ago the patient safety foundations across the country and within the medical County associations. Data storage and sharing of electronic records are essential to the goals of any health care reform whether it is private or government sponsored. And, that goal is to provide higher-quality healthcare to more people for less money.
The stakes are high to make this work,: If we don't learn how to manage and share and proliferate the right data to the right people can never attain these goals.

The South Bend Indiana medical foundation does not release all of the details to the local Tribune about the cyber-attack beyond public information news release however we know that this healthcare organization like all others take the privacy and security of patient information very seriously. In the reality is that identity theft is a very real risk shared by any healthcare organization or provider.

The Cyber Liability Sub Limit

The Doctors Company, Norcal Mutual, Medical Protective and many of the physician known carriers and commercial professional liability insurance companies across the country provide along with their professional liability policies a sub limit often up to $50,000 of defense available at no additional premium through their policies. The Dr.'s insurance agency worked with our underwriters and the experts at Lloyds of London to develop a plan to provide more assistance to our insureds. Seven years ago, the Lloyd's specialty worked with us to develop a product to go along with this $50,000 supplement for very affordable premiums - for often less than $2500, our physicians and physician groups can purchase up to a $1 million shared limit to respond to cover the cost of notification, the cost of repair of systems, recovery of data and prevention of future data breach incidents.

The Doctors’ Insurance Agency works with you to add affordable One Million Data Liability Policies. The Doctors Company is competitively priced for medical malpractice insurance; the premium includes $50,000 to defend and cover the cost associated with a breach. The Doctors Insurance agency will work with all physicians and healthcare organizations to add the affordable cyber liability protection on top of these medical malpractice policies.