By now, you are probably aware of the prevalence of cyber threats in the healthcare sector — it is hard to avoid the disheartening statistics commonly making front page news. Cyber criminals are outwitting security measures of medical entities from mammoth-sized health systems to solo practices and reaping the rewards. Consider these statistics:
- Roughly one out of every three Americans has had his or her healthcare records compromised — and most victims are completely unaware.
- Complete healthcare records can go for $60 each on the black market. Compare that with stolen Social Security numbers at $15 apiece, or credit card numbers at $1 to $3 each. Medical health records give criminals a wealth of personal information that, unlike a credit card number can last forever.
- Cyber criminals can use such records to order prescriptions, pay for expensive treatments and surgery, and even file false tax returns.
While malicious data breaches seem to be on everyone’s radar, the independent physician is far more likely to encounter an accidental breach attributed to employee carelessness or business associate error that compromises protected health information (PHI). In fact, it is currently estimated that half of all data breaches in the United States are accidental in nature and can result in steep HIPAA penalties that could be easily prevented.
In 2016, Dr. Larry Ponemon, chairman and founder of the Ponemon Institute*, a research “think tank” dedicated to advancing privacy, data protection, and information security practices, told NBC News, "The problem is frequently not high-tech, but very low-tech.” He stated, “It's getting people who work in the organization to become smarter about data protection and privacy issues — there's still a lot of carelessness and negligence.”
Since its inception, CAP has strived to protect its physician members. Our comprehensive, value-added risk and practice management programs and services further that mission. To help you reduce the chance of a data breach, protect patient privacy, and remain HIPAA compliant, CAP offers you the following free benefits that you can immediately take advantage of:
The Physician’s Action Guide to Cyber Risk. This recent CAP-published practice management guide offers you tips on how to decrease the likelihood of a breach, what to do should a breach occur, how much cyber risk coverage you may need, and much more. Request your free digital copy here. For a hard copy version, contact CAP Membership Services at 800-610-6642.
CyberRisk Coverage. Every CAP member automatically receives $50,000 of protection against a potential data breach, including privacy liability, computer information security, and electronic media liability. CAP's own insurance agency can provide you with additional coverage, based on your needs, at highly competitive rates. For a free, no-obligation quote, call CAP Physicians Insurance Agency at 800-819-0061 or email CAPAgency@CAPphysicians.com.
CAP will soon launch a new cyber risk management website featuring webinars, tools to train employees, and much more. Additional details will be provided in next month's CAPsules.
HIPAA Compliance Assessment. The HIPAA Omnibus Rule requires that all medical practices now be 100 percent HIPAA compliant. Failure to comply can be costly and time-consuming. Through our trusted HIPAA compliance partner, Acentec, CAP members are entitled to a HIPAA compliance assessment free for the asking. It is a quick and easy online process that can help save you from the stress and fines of a HIPAA breach.
For more information or to schedule your free assessment, call Vince Breck at Acentec at 949-474-7774, ext. 219, or email CAPAdvantage@CAPphysicians.com.
As a CAP member, you also have access to a variety of other free HIPAA- and cyber risk-related resources, including action guides and a recording of our “Data Breach: It Can Happen to You” webinar. Simply visit the CAP website. We hope you take advantage of the many valuable benefits designed to protect you and your practice.
*The Ponenmon Institute published its Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data in May 2016. Click here download a free copy of this a comprehensive report on data breach in the healthcare sector