As a mental health professional, you’re committed to helping individuals better cope with life’s ever-increasing psychological challenges — from eating disorders to Covid 19 anxiety. But in today’s era, several complex business-related issues also place ever-increasing demands on your time. One growing challenge in the world of insurance is something called cyber-insurance. Simply put, cyber-insurance helps protect businesses and individuals from Internet-based risks related to information technology infrastructure, information privacy, and like concerns.
Almost a third (28 percent) of data breaches in 2020 involved small businesses, according to the Verizon Business 2020 Data Breach Investigations Report (2020 DBIR).
Cyber-insurance policies are available to companies that provide healthcare services electronically — including but not limited to telemedicine platforms and providers, mHealth apps (self-service tools that allow patients to pay their bills, schedule appointments, send messages to their providers, access lab results, find physicians, and view their medical records), remote patient monitoring tools, artificial intelligence, and ePharmacies and eHealth research involving data collection and analysis.
Here are three coverage highlights of a typical cyber-insurance policy:
Ransomware is malware (a collective name for a number of malicious software variants, including viruses, ransomware, and spyware) that encrypts — encodes information into — a victim’s files. The attacker then demands a ransom from the victim to restore access to the data upon payment.
For example, A hacker has encrypted all of your files and won’t unlock them until you pay a ransom. You can breathe a sigh of relief if you’ve purchased a cyber-insurance policy that covers the cost of restoring data and gets you up and running again. Also included are HIPPA-related fines, penalty and resolution agreements, and more.
- Wire Fraud and Social Engineering
First, let’s define the terms:
Wire fraud occurs when someone uses a cell phone or computer—or any device that sends information across state lines—in an attempt to defraud someone. It is a federal offense. Social engineering is the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.
An example: A funds transfer request is sent to your controller by someone pretending to be the CEO of your company. (Or, if you’re a solo practitioner, imagine a more appropriate example of financial fraud.) Even if an illegitimate request like this one is fulfilled, you’re not out of pocket if you have adequate cyber insurance coverage.
- Phishing and Data Breaches
Phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.
Consider online payments, for example. With so many clients/patients paying for services online these days, if your payment system is hacked, consider the difficulties — loss of trust from clients, hours of wasted time in “making things right” , and the financial expense of fixing or installing new systems.
A cyber-insurance policy can cover liability for data breaches that involve sensitive customer information (Social Security numbers, credit card numbers, account numbers, driver’s license numbers, names, addresses, and health records).
When it comes to tech-related crime, the threats are real. I welcome the opportunity to help you figure out what you need to do to keep your data safe, secure, and private. Please give me a call or send an email. Let’s talk about it.
Mary Jane Alagheband
E.J. Coyne & Company, Inc.
778 Busse Hwy./P.O. Box 598
Park Ridge, IL 60068