The healthcare industry, like many others, has been exposed to increasing cyber threats, some of which have capitalized on the fear created by the pandemic.
“We are seeing an increase in phishing scams and ransomware because working from home makes you more vulnerable,” said Kareen Boyadjian, director, underwriting – product leader Medefense & e-MD at Tokio Marine HCC - Cyber & Professional Lines Group. “The landscape is certainly going to change from COVID-19 and from everything else currently happening in this environment.”
Working from home does not include the same cybersecurity measures that are in place while working in an office. Network or software protections are less sophisticated at home, which allows malware or ransomware to easily infiltrate a system. This is especially concerning for many small healthcare groups that have not been able to easily transition from their medical office to this new environment.
Another coronavirus-related issue impacting the industry has been fraud in the healthcare space. Scammers call certain medical groups stating they have a surplus of masks or tests to sell and, providing payment information to purchase the surplus, but, in fact, the medical group gets duped into a fraudulent act. This ultimately leads to financial losses for the group. The United States Attorney General William Barr has created a coronavirus taskforce in multiple districts in the country to fight against coronavirus fraud schemes, such as this one.
The risks stemming from the pandemic are building on an already fragile and complex cyber risk environment.
“Long gone are the days where the biggest cyber concern for a healthcare group was a lost laptop or cell phone,” said Boyadjian. “The exposure has evolved. Patient information is now digitally exchanged multiple times between healthcare groups.”
Many different people have access to medical records, including doctors, nurses, physician’s assistants, billing companies, laboratories, and/or telemedicine firms, which introduces more potential points of access for cyberattacks. An additional concern is the fact that the data healthcare groups hold often contains not just a credit card number, but banking information, insurance information, and social security numbers – all of which are very lucrative on the black market.
Both the frequency and severity of cyber losses are increasing. Two years ago, the typical extortion demand averaged $50,000, whereas today the Tokio Marine HCC – Cyber and Professional Lines Group regularly sees six and seven-figure demands, and occasionally demands as high as eight-figures, according to Boyadjian.
While large multi-million-dollar healthcare groups possess the resources to implement cybersecurity measures, many small to mid-sized groups may not have the resources to implement proper controls. Often, they lack an IT department to help them through these events and advise them on cybersecurity protocols. Purchasing a comprehensive insurance coverage is an important first step for these insureds.
“A comprehensive cyber product will provide you with resources and an arsenal to combat and defend against the current form of cyberattackers, as well as identify your system vulnerabilities so you can implement proper controls,” noted Boyadjian.
While the cyber market has expanded and today has a lot more entrants than it did five years ago, certain carriers are better positioned to offer comprehensive solutions to healthcare insureds. Tokio Marine HCC – Cyber and Professional Lines Group, for instance, has an in-house claims department and established partnerships with cybersecurity vendors, as well as additional coverage for healthcare groups known as Medefense™, which addresses the unique regulatory exposures they face, such as billing error proceedings.
“We offer e-MD™, which is our trademarked version of cyber coverage for physician groups, and we can offer it separately from the Medefense™ coverage or combined with it,” said Boyadjian, though she added, “Having both products combined on one form is most advantageous to an insured because the coverages complement each other.”
When a healthcare group has a breach and a regulatory agency lifts the hood to review the business’s protocols and operations, it could very easily lead to a billing investigation shortly thereafter. With just a cyber product, insureds could be left holding the bag halfway through that investigation, which underscores how important it is for agents and brokers to bring this type of solution to their clients.
“It adds value to the professional liability offering beyond the standard coverage because it fills a gap many insureds don’t realize is necessary until they get hit with a regulatory proceeding. Based on the claims we’ve seen for the past 20 years, we know it can be detrimental to any practice. Agents and brokers familiar with our combined product understand it’s a unique offering. For those unfamiliar, we provide the tools and resources to demonstrate how to best address your insureds’ need for the coverage.”