At one time, it was believed that only the large Fortune 500 sized organizations faced the real threat of hacking, phishing, cyber ransom. In reality, about 50% of all cyber hacking targets small businesses. Even a more staggering number is that nearly 60% of the small businesses that suffered a serious cyber attack or breach will go out of business within six months post breach!
Most Physician Medical Malpractice policies are now equipped with an endorsement or “rider” that adds a small level of protection for Cyber Liability, this may be $25,000 per breach. If you think of all of the cost entailed in an actual breach, you would be left paying tens of thousands out of pocket. While there are a number of studies out there analyzing the cost of a typical healthcare related breach, the consensus is approximately $170 per patient record. Here is a list of breach related expenses that factor into this number:
Patient Notification Costs
Credit Monitoring for Patients
Reputation Loss and Loss of Business
HIPAA fines or other penalties
Cyber Ransom or Extortion (yes, that’s a real thing)
- Investigation Costs
So, How Much Cyber Insurance Do You Need To Purchase?
All of these costs also come with a significant markup. When an actual breach occurs, you won’t have time to shop for vendors. You need to stop the bleeding immediately and gather a team that can respond quickly, even if that means paying a premium.
This is more of a question of corporate risk tolerance and, of course, corporate budget. You can do some rough math by taking $170 per patient record multiplied by the number of records your organization maintains.
There are many more insurance carriers specializing in Cyber Liability Insurance today than ever before. This competition has driven premiums down, but more importantly, carriers now have more quantifiable data points to adequately price for this type of insurance. A $1,000,000 policy has become the norm, but carriers have the ability to provide lower limits or even provide policy limits as high as $20,000,000.