Most people assume the greatest threat to patient health record security is computer hacking. But in fact, negligence, not hacking, is a far greater threat to health record security, according to the U.S. Department of Health and Human Services (HHS).
EHR/EMR data breaches are bound to happen. With EHR/EMRs being mandated by 2014, I expect that “data breaches” and EHR/EMRs will become synonymous.
It is no secret that medical identity theft is on the rise. EHRs will also exacerbate this problem and not solve it. Please don’t get me wrong, as I am all for the EHR system, as I truly believe it will reform our health care system and offer great savings over the long term and will help improve the health of all U.S. citizens. However, being someone that thinks about security, privacy and data breaches 24/7, the EHR does not come without risk. With anything, the greater the potential, the greater the risk. This explains the EHR. This is why it is important for health care organizations to take preventative measures to protect against data breaches. Today. its not a matter of “if” a data breach will happen it’s a question of “when?” When your data breach happens, will you be ready?
TRICARE made recent headlines due to a huge data breach. This was due to a “business associate” (a contractor) who lost electronic medical records for at least 4.9 million military beneficiaries in a car break-in. While currently there is no indication that the data was accessed by unauthorized persons, the data breach happened and needed to be reported and patients need to be notified. This can be a challenging and lengthy process for a health care organization that does not have a data breach response plan in place at the time of the breach.
If a data breach is just a question of “when will it happen”, it is only common sense to implement a data breach response plan before one happens.
When your data breach happens, do you have a data breach response plan in place? Data privacy insurance can help you put a data breach response plan in place so that’s its ready to act. It can help with things such as (not limited to) client notifications, client hotlines, credit monitoring, forensic investigations, public relations and much more.
Its best to create a breach response plan before your data breach occurs, so that you are prepared and ready to respond to your breach. Don’t wait until your data breach happens to create your response plan, create yours today.
Cyber Data-Risk Managers LLC is an independent insurance agency with access to multiple A rated insurance carriers. We work with your business to help you find the right insurance policy and at the right price.