麻豆放映免费

4 -MINUTE READ

Healthcare Ransomware Attacks Double, Driving Up Cyber Premiums

Feb 15, 2023

Across the board, we鈥檝e seen a rise in cybercrime over the past few years, and the healthcare sector is being hit especially hard. HIPAA Journal that between 2009 and 2022, there were a combined total of 5,150 healthcare data breaches of 500 records or more.

Healthcare data breaches have continued to rise over the last decade. (Source: )

Not only is the frequency of healthcare data breaches rising, so are the resulting costs. According to IBM鈥檚 , the average total cost of a healthcare data breach is $10.10M. This puts healthcare in the lead for the highest average data breach cost for any industry for 12 straight years.听

Healthcare leads the way as the industry with the highest average cost for a data breach. (Source: )

Rise of Ransomware Attacks in Healthcare

A data breach occurs when someone gains unauthorized access to sensitive or confidential data, like names, addresses, birthdates, social security numbers, and credit card numbers. For healthcare organizations, this might also include medical records and insurance information.听

Although there are a number of different types of data breach attacks (phishing, DDoS, malware, and keystroke recording, just to name a few), the sharp rise of ransomware attacks on healthcare organizations is particularly troubling.听

According to a published in JAMA by researchers at the University of Minnesota and University of Florida, ransomware attacks on U.S. healthcare organizations more than doubled from 2016 to 2019 (from 43 to 91). In that five year span, a total of 374 ransomware attacks exposed the personal health data of almost 42 million patients.

Ransomware Attacks Cripple Healthcare Business Operations

In a ransomware attack, a cyber criminal holds an organization’s data 鈥渉ostage鈥 by encrypting it and denying access. The criminal demands a ransom fee in exchange for releasing access back to the organization. In other types of data breach attacks (phishing or malware, for example), the goal is to steal data. But in the case of ransomware, the goal is typically to disrupt business operations so severely that the organization is compelled to pay the ransom.听

Though disruptions to business operations can cripple any business, for healthcare organizations, disruptions such as these can have life-threatening consequences. The University of Minnesota and University of Florida researchers explain:听

鈥淣ews coverage of individual attacks suggests that ransomware attacks are substantially disruptive to care delivery, with reports of computers and electronic health records being disabled or encrypted, clinicians forced to document care using pen and paper, appointments and surgeries delayed or canceled, emergency departments forced to divert ambulances, and practice infrastructure so damaged that some practices have opted to close rather than try to restore systems.鈥

The researchers found that facilities most commonly impacted by ransom attacks are clinics, followed by hospitals, delivery organizations, and ambulatory surgical centers.听

Lack of Reporting Masks Full Impact of Ransomware

In their report, researchers noted that the true number of healthcare ransomware attacks is actually larger than what they reported. The federal database intended to document and track these breaches is woefully lacking. Although healthcare organizations are required to report breaches, some don鈥檛, and a staggering 58 percent report outside the mandated 60-day reporting window.听

In addition, the federal database鈥檚 reporting doesn鈥檛 collect important information necessary to fully understand the scope of ransomware damage. For instance, there鈥檚 no requirement to report the operational disruptions experienced during an attack or whether paying the ransom actually resulted in data being successfully and safely released.听

Impact of Data Breaches on Insurance Coverage

Ransomware is one of many important coverages within a Cyber Liability policy. Though specific terms can vary depending on the policy, ransomware protection can help a company recoup the financial costs associated with an attack, which can be profound.听

On average, . During that time, healthcare facilities may need to cancel appointments or send patients elsewhere, which translates to a loss of income. Those business income losses can tack on an additional to the total cost of a ransomware attack.

Even more troubling, the total cost of a ransomware event has been steadily rising. , cyber development leader from CFC Underwriting, 鈥淲e鈥檙e seeing it cost 10 times the amount of what a ransomware event would have cost about three years ago, so naturally the market has had to respond to that.鈥澨

In an effort to curb their losses, carriers are raising premiums, reducing coverage limits, increasing retentions, adding coinsurance clauses, and tightening up on security control requirements.

Demonstrating Cyber Resiliency Is Key when Negotiating Terms

When reviewing cyber policy applications, cyber underwriters are paying more attention to things like security controls, data management, and their business resilience plans. It鈥檚 imperative that healthcare organizations demonstrate their ability to not only protect themselves against attacks, but also provide specifics on incident response plans in order to guard against losses in the event of an attack.听听听听听

麻豆放映免费鈥檚 specialized cyber brokers provide the knowledge, guidance, and market access required to secure a comprehensive insurance solution for your healthcare clients. Contact our cyber experts for more information.

The 麻豆放映免费 Healthcare Insurance Team

The 麻豆放映免费 Healthcare Insurance Team

Healthcare industry risks are often complex and can have life-threatening impacts. It鈥檚 vital to partner with a wholesaler who can quickly pivot and adapt to the ever-evolving needs of your healthcare clients. 麻豆放映免费鈥檚 experience, relationships and expertise within the medical professional liability class make us a premier source of coverage for a wide variety of insurance needs. Regardless of the claims history, risk exposures, or operational complexities, our specialized brokers have you and your clients covered.
cyber insurance | healthcare | ransomware | ransomware attacks

EXPLORE FURTHER

TRENDS & WHITE PAPERS

麻豆放映免费 Professional Lines Insurance

Navigating the New Frontiers
of Professional Lines Insurance

From EPLI to Cyber, partnering with an expert professional lines broker makes the rough road much smoother. We live in a world where risks evolve rapidly, especially for businesses. 麻豆放映免费鈥檚 specialized brokers share the six biggest challenges facing the Professional Lines industry today.

CASE STUDIES | Q1 2023 | 7 MINUTES

RECENT POSTS

INDUSTRY TOPICS

PUT JENCAP TO WORK FOR YOU

麻豆放映免费鈥檚 healthcare brokers are at the top of their fields and understand each and every unique underwriting intricacy of the healthcare industry. We skillfully assess the exposures and needs of each account鈥檚 healthcare business risks and provide winning insurance solutions. No existing solution? No problem 鈥 we鈥檒l create one that鈥檚 customized to your clients鈥 unique situations. With our brokers鈥 deep product expertise, geographic knowledge, strong market intelligence, and keen eye for emerging industry trends, your clients will get the right policy every time, regardless of coverage need and risk exposure.

Stay Informed

Want to receive information from 麻豆放映免费 on timely marketplace trends, hot new product and program launches, and valuable product expertise that will set you up to win? Sign up below to receive email communications from 麻豆放映免费.

Name(Required)
This field is for validation purposes and should be left unchanged.