The healthcare sector has certainly learned the effects of a Cyber breach the hard way, in particular with the WannaCry attack earlier this year which led to ransomware infecting NHS, and many other businesses, networks.
Keeping personal data safe and secure is a key focus of the General Data Protection Regulation, which comes into force in May 2018.
With the tightened legislation, along with big fines for ignoring them, getting Cyber security right must be the focus for medical and dental practices over the coming months.
GDPR challenges include:
- Ensuring individual’s rights
- Data accuracy
- Keeping data safe
- Collecting data responsibly and with permission
- Managing breach notifications
While many of these areas require well thought out processes to meet regulation requirements, one of the major GDPR challenges is the ability to keep personal data stored securely. Even with robust processes and secure technology, Cyber crime is still on the rise – helped by ever advancing Cyber tools.
Don’t underestimate the value of personal data
Dental, medical and veterinary practices all hold a lot of personal and sensitive customer data, from addresses and telephone numbers to medical history, appointment information and card payment details. All this data is valuable to a Cyber criminal.
It’s no wonder with all this valuable information that healthcare organisations are becoming one of the most targeted sectors for Cyber criminals.
With the UK government promising data security, and the potentially devastating impact of a breach on a patient, practices need to protect themselves and patient information to the best of their ability.
Our article on the GDPR talks further about why smaller businesses are becoming bigger targets for Cyber hackers.
Insurance is a vital part of a practice’s Cyber security plan
With pressure from hackers growing, it is also an increasing concern for practices that managing Cyber crime is taking resource away from actually running the business.
To help manage your practice’s Cyber risk, insurance is an important part of your toolkit.
Not only does it give peace of mind that you will receive support during and after an event, but you will also get practical tools such as guidance from your insurer and broker on how to protect your data (and your practice) from Cyber crime.
Your Cyber Liability Insurance will likely cover areas such as:
- Compensation awarded to patients
- Patient legal fees
- Statutory fines
In addition you can also choose a policy that covers your hardware, data corruption & reinstatement costs, data breach expenses and loss of gross revenue, plus other risks.
While it is not currently mandatory to hold Cyber Liability Insurance, you should think about what your practice would do if your patient data was stolen or held to ransom.
Would you know who to contact in the case of a breach?
How would you sort out the financial fallout?
How would you get your systems back online?
Could you sort all this out and effectively continue managing your practice?
If you’re not sure how best to protect your medical, dental or veterinary practice data from Cyber crime, speak to one of our specialist brokers at All Med Pro to discuss your cover requirements.