ALERT! Health Care Facilities Have Been Breached

// September 12, 2016
Reading Time: 2 minutes


While medical malpractice insurance is probably the most popular way for health care facilities to mitigate risk, employment practices liability (EPL) insurance is a close runner up.

EPL claims are ranked second in severity. At USLI, we are trying to meet the ever changing demands that a health care facility faces. In the past, we have tailored our Medical Providers EPL policy to include unique coverages such as wage and hour claims, defense and indemnity coverage and allegations of abuse and molestation. Now, in 2016, health care facilities have become the number one target of cyber attackers. We have responded by creating two data breach and cyber endorsements to respond to these exposures.

A whopping 51 percent of data breaches occur in health care facilities. Even harder to comprehend is the fact that 94 percent of health care facilities have had at least one data breach in the last two years.

Industry studies have found that medical facilities are not as quick to upgrade their infrastructure and consistently tweak their cyber security. Also, the incentive for criminals to target health insurance credentials is much greater than with credit card information.

According to Don Jackson, director of threat intelligence at PhishLabs, a cyber crime protection company, stolen health credentials can sell for $10 each, about 10 or 20 times the value of a U.S. credit card number. There are many different ways for a medical organization to protect itself from a cyber attack. Among the most common measures taken, according to LinkedIn, are:

  • Network security
  • Staff training on company policies and procedures
  • Having separate office and guest Wi-Fi networks
  • Data recovery and disaster plan training
  • Secure building access, document destruction and firewall installation

None of the measures taken above have proven capable of stopping a cyber attack.  Purchasing insurance is the only way for an organization to cover itself from such a threat.

Our data breach and cyber endorsements will cover:

  • $50,000 in data breach expense coverage
  • $50,000 in identity theft coverage
  • $50,000 in kidnapping coverage
  • $50,000 in workplace violence coverage

Please contact your Professional Lines underwriter for more information or a quote, or get a web quote today >>

Download marketing materials for the Medical Providers Employment Practices Liability product >>

As always, thank you for your support and business.

Tom LangstonWritten by Tom Langston
September 15, 2016

Andrew MonaghanContact Andrew Monaghan,
Medical Providers EPL Product Leader | 888-523-5545 Ext. 2485