Fintech Today
Subscribe
  • Home
    • Home – Layout 1
    • Home – Layout 2
    • Home – Layout 3
    • Home – Layout 4
    • Home – Layout 5
  • Vegetation
    • All
    • Ecosystem
    • Farming
    • Forest
    • Tropical

    The blue wings of this dragonfly may be surprisingly alive

    Petunias spread their scent using pushy proteins

    Horse version of ‘Who’s your daddy?’ answered

    Getting a flu ‘shot’ could soon be as easy as sticking on a Band-Aid

    Gecko-inspired robot grippers could grab hold of space junk

    Carved human skulls found at ancient worship center in Turkey

    Magical fish basically has the power to conjure its own Patronus

    Sound-reflecting shelters inspired ancient rock artists

    Every breath you take contains a molecule of history

    Trending Tags

    • Large Hadron Collider
    • Future of Medicine
    • climate change
    • Sustainability Ecosystem
    • Science Research
    • Flat Earth
  • Health
    • All
    • Biomedical
    • Medicine
    • Psychology
    • Surgery

    The moon might have had a heavy metal atmosphere with supersonic winds

    The blue wings of this dragonfly may be surprisingly alive

    Petunias spread their scent using pushy proteins

    Horse version of ‘Who’s your daddy?’ answered

    Getting a flu ‘shot’ could soon be as easy as sticking on a Band-Aid

    Gecko-inspired robot grippers could grab hold of space junk

    Trending Tags

    • Flat Earth
    • Robotics Science
    • Nanotechnology
    • Global Warming
    • Future of Medicine
  • Biology
    • All
    • Animal
    • Evolution
    • Genetics
    • Organism

    The blue wings of this dragonfly may be surprisingly alive

    Petunias spread their scent using pushy proteins

    Horse version of ‘Who’s your daddy?’ answered

    Getting a flu ‘shot’ could soon be as easy as sticking on a Band-Aid

    Chronic flu patients could be an early warning system for future outbreaks

    Floral curve test shows what’s great for a moth is not so good for a flower

    Magical fish basically has the power to conjure its own Patronus

    Sound-reflecting shelters inspired ancient rock artists

    Every breath you take contains a molecule of history

  • Art & Culture
    • All
    • Imagination
    • Modernism
    • Museum
    • Symbolic

    The moon might have had a heavy metal atmosphere with supersonic winds

    The blue wings of this dragonfly may be surprisingly alive

    Petunias spread their scent using pushy proteins

    Horse version of ‘Who’s your daddy?’ answered

    Gecko-inspired robot grippers could grab hold of space junk

    Carved human skulls found at ancient worship center in Turkey

    Chronic flu patients could be an early warning system for future outbreaks

    Floral curve test shows what’s great for a moth is not so good for a flower

    Magical fish basically has the power to conjure its own Patronus

    Trending Tags

    • Nanotechnology
    • Global Warming
    • climate change
    • Flat Earth
No Result
View All Result
Fintech Today
  • Home
    • Home – Layout 1
    • Home – Layout 2
    • Home – Layout 3
    • Home – Layout 4
    • Home – Layout 5
  • Vegetation
    • All
    • Ecosystem
    • Farming
    • Forest
    • Tropical

    The blue wings of this dragonfly may be surprisingly alive

    Petunias spread their scent using pushy proteins

    Horse version of ‘Who’s your daddy?’ answered

    Getting a flu ‘shot’ could soon be as easy as sticking on a Band-Aid

    Gecko-inspired robot grippers could grab hold of space junk

    Carved human skulls found at ancient worship center in Turkey

    Magical fish basically has the power to conjure its own Patronus

    Sound-reflecting shelters inspired ancient rock artists

    Every breath you take contains a molecule of history

    Trending Tags

    • Large Hadron Collider
    • Future of Medicine
    • climate change
    • Sustainability Ecosystem
    • Science Research
    • Flat Earth
  • Health
    • All
    • Biomedical
    • Medicine
    • Psychology
    • Surgery

    The moon might have had a heavy metal atmosphere with supersonic winds

    The blue wings of this dragonfly may be surprisingly alive

    Petunias spread their scent using pushy proteins

    Horse version of ‘Who’s your daddy?’ answered

    Getting a flu ‘shot’ could soon be as easy as sticking on a Band-Aid

    Gecko-inspired robot grippers could grab hold of space junk

    Trending Tags

    • Flat Earth
    • Robotics Science
    • Nanotechnology
    • Global Warming
    • Future of Medicine
  • Biology
    • All
    • Animal
    • Evolution
    • Genetics
    • Organism

    The blue wings of this dragonfly may be surprisingly alive

    Petunias spread their scent using pushy proteins

    Horse version of ‘Who’s your daddy?’ answered

    Getting a flu ‘shot’ could soon be as easy as sticking on a Band-Aid

    Chronic flu patients could be an early warning system for future outbreaks

    Floral curve test shows what’s great for a moth is not so good for a flower

    Magical fish basically has the power to conjure its own Patronus

    Sound-reflecting shelters inspired ancient rock artists

    Every breath you take contains a molecule of history

  • Art & Culture
    • All
    • Imagination
    • Modernism
    • Museum
    • Symbolic

    The moon might have had a heavy metal atmosphere with supersonic winds

    The blue wings of this dragonfly may be surprisingly alive

    Petunias spread their scent using pushy proteins

    Horse version of ‘Who’s your daddy?’ answered

    Gecko-inspired robot grippers could grab hold of space junk

    Carved human skulls found at ancient worship center in Turkey

    Chronic flu patients could be an early warning system for future outbreaks

    Floral curve test shows what’s great for a moth is not so good for a flower

    Magical fish basically has the power to conjure its own Patronus

    Trending Tags

    • Nanotechnology
    • Global Warming
    • climate change
    • Flat Earth
No Result
View All Result
Fintech Today
No Result
View All Result
Home Featured

A healthcare cyber checkup with experts from Beazley Breach Response

by Ryan Schradin
June 13, 2018
in Featured, Insuretech
0
Share on FacebookShare on Twitter

When we see a financial services company – like Citigroup or Equifax – fall victim to a major data breach, or when we see a major retailer – like Target or TJX – fall victim to a breach, it makes sense. Much like how robbing a physical bank or a convenience store makes sense -they have and control large amounts of money. If you’re looking for a financial payoff for your criminal activities, you go where the money is.

What may seem to make less sense is when a company like Anthem, or a health group like Verity Medical Group, falls victim to a data breach. What do malicious actors have to gain from compromising the networks and data of a healthcare company?

Click here to download the Beazley US Healthcare Data Breach Insights Report.

To get the answer to that question, we sat down with two cyber insurance and cyber risk experts, Brett Anderson, a Breach Response Services Manager, and Frank Quinn, a Breach Response Risk Manager, both at Beazley Breach Response, the cyber insurance division of the specialty insurer with three decades of experience working with clients worldwide.

The company recently released their, “US Healthcare Data Breach Insights Report,” which detailed the risks facing American healthcare companies and broke down the kinds of attacks that healthcare companies are facing. A complimentary copy of that report can be downloaded by clicking HERE.

During my discussion with Brett and Frank, we talked about the report’s findings, why malicious actors attack healthcare companies, what they can do to protect themselves and if they feel that healthcare companies are doing enough to protect themselves against breach – including purchasing cyber insurance.

Here is what they had to say:

Insurance Tech Insider (ITI): What does the threat landscape look like for healthcare organizations? Who would want to compromise healthcare data and why?

Frank Quinn: The threat landscape is active and full of challenges for healthcare organizations.  A typical patient medical record contains not only sensitive personally identifiable information such as a Social Security numbers and medical account numbers but also information about physical and mental health conditions, treatments, and prescriptions.

These elements taken together constitute protected health information (PHI) which is very attractive to criminals.  PHI is valuable; theft of PHI has lead to identify theft and insurance fraud, and also to extortion demands where healthcare organizations face the threat of external disclosure of PHI.

ITI: How do healthcare organizations rank in terms of priority among malicious actors? Obviously financial services and retail are among the top targets for data thieves…but how do healthcare organizations compare? 

Frank Quinn is a Risk Manager at Beazley Breach Response, where he helps the company’s clients minimize the frequency and severity of data breaches.

Frank Quinn: Healthcare is often targeted due to the robust nature of PHI and the volume of data maintained by healthcare organizations.  Medical records generally trade on the black market at rates higher than credit card numbers, for example. Of the over 7,000 data incidents managed by Beazley’s Breach Response (BBR) Services team, the vast majority come from the healthcare sector.

ITI: Your report found that unintended disclosure accounted for the largest percentage of healthcare data breach incidents. What does “unintended disclosure” entail and include? Why is it harmful to the company and its patients?

Frank Quinn: Unintended disclosure refers to disclosure of PHI to the wrong recipient. Most often, unintended disclosure involves carelessness, whether it’s an email containing PHI sent to the wrong recipient, discharge instructions given to the wrong patient, or patient records transmitted or faxed to the wrong destination.

The federal Health Insurance Portability and Accountability Act (HIPAA) requires healthcare organizations to investigate unintended disclosures to determine if there is a HIPAA breach and – if so – to notify affected individuals, which can have operational and reputational costs. Because the healthcare organization must also report breaches to the U.S. Department of Health and Human Services Office for Civil Rights (OCR) – the agency that enforces HIPAA – unintended disclosures may open the door to an expensive investigation of the organization’s overall HIPAA compliance program.

ITI: How can healthcare organizations fight against unintended disclosure? What processes and technologies can they look at to eliminate the threat of unintended disclosure?

Frank Quinn: The number one control involves workforce training regarding how employees and staff must protect PHI. Organizations should train employees to verify patient identities by confirming at least two pieces of information, such as full name and date of birth or insurance number. Before sending any PHI electronically, employees should double-check the email address or fax number to confirm they’re sending it to the right recipient. Employees should include only the minimum PHI necessary for the communication.

Technologies such as encrypted email, patient portals, and data loss prevention software can also assist, if they’re configured properly and employees are trained how to use them. We live in a world where technology allows us to immediately communicate and we have to train staff to slow down and take their time, given the potentially drastic consequences of mishandling this data.

ITI: What kinds of breach incidents comprised the other 59 percent of breach incidents reported?

Brett Anderson: Insider incidents – such as an employee intentionally looking at the patient record of a family member or local celebrity without authorization – made up another 15 percent, meaning that more than half of incidents are caused by employee behavior.

Organizations can reduce risks through training, creating a culture that takes reporting and investigation seriously, and auditing access to electronic medical records. External causes of breaches include hacking or malware, theft or loss of portable devices or of paper records, and social engineering.

ITI: In your opinion, are healthcare companies doing enough to combat and mitigate their risk of data breach?

Brett Anderson is a Privacy Breach Response Services Manager with Beazley, where he supports clients with data breach investigations, and assists with privacy and security risk management and loss control.

Brett Anderson: Healthcare organizations are hit from all sides in terms of regulations that require operational changes, so it is no surprise that healthcare organizations are challenged and playing catch-up regarding privacy and security best practices.

Healthcare, in general, seems to have moved forward in terms of awareness but we still hear too many CISOs not able to get the budget they need to hire skilled information security staff or even to implement basic security controls such as full-disk or full-device encryption.  In fact, today having multi-factor authentication is becoming a best practice, and most healthcare organizations will be in catch-up mode on this.

ITI: Just based on your own experience, what percentage of healthcare organizations would you say have implemented a cyber security or data breach insurance policy? Is this in line with other markets and industries? Do you anticipate that number increasing in the near future?

Brett Anderson: In general, only about one-third of businesses have purchased a cyber liability policy but healthcare is slightly higher.  We do expect a large increase of buyers in the next 3-5 years.

ITI: What services is Beazley offering healthcare and other companies against cyber risks and data breaches?

Brett Anderson: Beazley has been underwriting cyber insurance to the healthcare sector and other sectors for almost two decades. Our Beazley Breach Response (BBR) product provides turn-key incident investigation and breach response services managed by our BBR Services team.

Through our interaction with thousands of the nation’s healthcare organizations, we know that many organizations need help before an incident arises, that is, help to prevent a breach.  Our services portfolio contains, in addition to our breach response services, many pre-breach and post-breach risk management services and resources available to our policyholders. Beazley offers an array of proactive technical services pre-incident, a comprehensive breach response service during the cyber incident, and an advisory service after a breach to shore up security.

ITI: How do these services benefit customers both before and after they fall victim to a breach?

Brett Anderson: Beazley recognizes that preparing for and preventing breaches have become inseparable from insuring against data breaches. With the increasing need for pre-breach and cyber security services, Beazley established Lodestone Security LLC, a wholly owned subsidiary of Beazley plc, to offer both strategic and tactical services and expertise so that small and mid-sized organizations can enhance their cyber defenses before an incident occurs.

On our risk management information portal, BeazleyBreachSolutions.com, insureds benefit from resources to create and test their incident response plan, develop policies, and train their employees.

We also provide live webinars and other educational materials on emerging cyber threats, information security controls, and regulatory developments. And if an insured does experience a suspected data breach, our BBR Services team assists with the legal, forensic, and other services needed to investigate the incident, notify affected individuals if necessary, and resolve any regulatory inquiries or litigation.

To learn more about the cyber risks facing healthcare companies, click HERE to download Beazley’s “US Healthcare Data Breach Insights Report.” To learn more about the company’s cyber insurance solutions click HERE to go to their corporate Website.

Tags: AnthemBeazleyBeazley Breach ResponseBrett AndersonCitigroupcyber insurancecybersecuritycybersecurity insuranceDepartment of Health and Human Services Office for Civil RightsEquifaxFrank QuinnHealth Insurance Portability and Accountability ActHHSHHS OCRHIPAAnetwork security
Advertisement Banner
Next Post
top of wallet

4 Tips to Ensure Your Card is Top of Wallet with Customers this Holiday Season

Weekly Insurance Roundup – Get Out of Town Edition

fintech

Why We Are Thankful for Fintech

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent News

FSI organizations

Can AI Solve the Personalization Dilemma for the FinServ and Insurance sector?

January 21, 2021
UnitedHealthcare

UnitedHealthcare Survey Finds Consumers Turning to Digital for Insurance Information

January 13, 2021

Category

  • Animal
  • Bankingtech
  • Biomedical
  • COVID-19
  • Customer Engagement
  • cyber insurance
  • cyber security
  • data
  • Ecosystem
  • Editor's picks
  • Evolution
  • Farming
  • Featured
  • FinTech
  • Forest
  • Genetics
  • Imagination
  • Insuretech
  • Medicine
  • Modernism
  • Museum
  • Organism
  • Paytech
  • Psychology
  • Resources
  • Surgery
  • Symbolic
  • Tropical

Site Link

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

About Us

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Check our landing page for details.
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2017 JNews - Premium WordPress news & magazine theme by Jegtheme.

No Result
View All Result
  • Home
  • Vegetation
    • Forest
    • Farming
    • Forest
    • Ecosystem
  • Biology
    • Animal
    • Evolution
    • Organism
    • Genetics
  • Health
    • Psychology
    • Surgery
    • Biomedical
    • Medicine
  • Art & Culture
    • Modernism
    • Museum
    • Symbolic
    • Imagination

© 2017 JNews - Premium WordPress news & magazine theme by Jegtheme.