William King, Commercial Development Manager at Lloyd & Whyte Ltd., looks at issues around cyber security and how to protect your practice.
It’s a sad fact of life that unscrupulous criminals will use difficult or challenging situations, such as the pandemic, to their own advantage and prey upon the vulnerable or pressurised amongst us.
The healthcare sector is under threat of increasingly sophisticated cybercrimes now more than ever. Data from Interpol1 revealed that ransomware incidents have increased by more than a third, with phishing and fraud claims increasing by 59%*.
During the height of the pandemic in March 2020, healthcare organisations, received approximately 16% more malicious messages associated with these campaigns, compared to other industries, according to the Healthcare threat landscape report**.
Any organisation that holds personal data, has a legal obligation to keep it secure and out of the hands of cybercriminals.
However, even if you do maintain good cyber security protocols and awareness within your business, it requires a multi-level approach and unfortunately people do still get caught out.
It’s not just about Malware.
It is clear that as Cyber-attacks now involve more social engineered tactics, they become even harder to detect and it’s not just valuable patient data that is at risk or being held to ransom via malware threats.
Although ransomware continues to be problematic for the healthcare industry, other aspect of threat include access to Intellectual Property, Personal Health Information and confirming payment details for fake invoices. Other avenues Cyber criminals exploit are via third party organisations with digital connections, such as pharmaceutical suppliers, researchers undertaking clinical trials, and even charities.
So how do you protect yourself financially from Cybercrime?
Don’t assume that your existing practice cover will protect you fully. Becoming a victim of a cyber-attack could mean large pay-outs, and you may need to recover losses, secure your network, plug the gaps, and get your systems back on track. You may even need to cover PR costs to mitigate reputational damage.
Fortunately, there is comprehensive cover available that can protect you against cybercrime. Cyber insurance (or cyber liability) is specifically designed to protect you against this ever-growing modern-day risk. It ensures that your practice is protected if it becomes the target of a host of cyber incidents such data extortion, attempts to defraud the business out of thousands of pounds or simply halt your operations by means of I.T sabotage.
Cyber Insurance policies should include incident response cover, which is important to help mitigate any further threats. If you have a Cyber Insurance policy check to see if your cover extends to offer you access to a dedicated incident and cyber response helpline. These helplines are available 24/7 so you are able to react to a cyber-attack quickly and effectively.
Technical expertise and real-world claims handling experience can make the difference between suffering a catastrophic loss or getting back online quickly.
For more information, visit the Lloyd & Whyte website at www.lloydwhyte.com/bcacyber.
BCA Members are reminded that the Information Commissioners Office has information and advice regarding cybercrime
The BCA advises members to ensure their data security measures are robust and commensurate. You may wish to consult a local IT specialist to check your systems. The ICO information above gives some good pointers.
If you have queries regarding the legal aspects of this issue, you can contact the legal helpline:
ARAG – 24 hours a day, 365 days of the year. Call 0344 571 7978 Quote policy number 500016
If you experience a data breach or suspected data breach, contact the ICO for advice and speak with the ARAG helpline.
About the Author: William King, Commercial Development Manager at Lloyd & Whyte Ltd. He specialises in creating insurance programmes for BCA members to ensure the correct commercial insurances are in place.
About Lloyd & Whyte: Lloyd & Whyte Ltd is registered in England No. 03686765. Lloyd & Whyte (Financial Services) Ltd is registered in England No. 02092560. Registered Office: Affinity House, Bindon Road, Taunton, Somerset, TA2 6AA.
*https://www.interpol.int/en/News-and-Events/ News/2020/INTERPOL-report-shows-alarmingrate-of-cyberattacks-during-COVID-19 2 https://www.proofpoint.com/us/resources/threatreports/2020-healthcare-report