Why COVID Testing Labs Should Have Cyber Security Insurance in Case of a Data Breach

March 24, 2021 •
2021_Blog_Covid-Testing-Cyber

COVID testing labs have popped up around the country as the need for mass virus testing has emerged as one of the best ways to slow the spread of this deadly disease. They were needed so quickly that companies might not have considered all the necessary protections needed to ensure the organization is covered in the event of a data breach. Cyber security insurance is a must-have for most businesses in today’s world, and especially for healthcare related entities.

Why COVID Labs Need Cyber Liability Insurance

Healthcare Data Is a Target

In the past few years, the healthcare sector has become a prime target for criminals looking to steal consumer data. The reason for this increase is that hackers found that most legacy computer systems were vulnerable to breaches. In other words, they had very little security and were easy for hackers to get in through weaknesses in the systems. It’s very expensive to upgrade medical technology, so many healthcare facilities were behind the times in terms of up-to-date security.

Medical records contain a lot of personal data, including a patient’s first and last name, address history, social security number, and often, financial information (including insurance numbers and bank accounts). Hackers can get this information all at once by breaching a healthcare system and selling it for a high price on the internet. The combination of weak security and a treasure trove of information makes healthcare facilities vulnerable; even those that have just started operating.

The Costs of a Data Breach Are High

It’s estimated that a healthcare data breach will cost an organization about $1.4 million, which includes service disruption, loss of productivity, reputation damage, tools or systems damage, and patient notification. However, the biggest threat to COVID-19 testing facilities is the lawsuits that can result from a data breach or cyber-attack, especially if a patient’s care is adversely affected. Even if no data is stolen, you must still be able to deliver results on time so a patient can get the proper care.

For instance, if your testing systems went down because of a cyber-attack, and a patient wasn’t able to get their test results, they may sue you for impacting their ability to get care, particularly if they are positive for COVID-19 but no one will treat them without a test. During the litigation phase, your company could be in the news on a regular basis, which will further harm your reputation and bottom line. Insurance will help mitigate those losses.

As a HIPAA covered entity, not only will you have to deal the fallout and financial consequences of data breach, but you are also subject to the consequences and fines of committing a HIPAA violation.

Patient Safety Is at Stake

The healthcare sector has come to rely on technology for many aspects of patient care as we move more toward the electronic health record (EHR). If these systems become disabled, your patients’ safety could be compromised. For example, if your ability to test samples for COVID-19 becomes compromised, a patient may have to venture out of their quarantine to have another sample taken to be tested elsewhere. They could potentially expose dozens of other people to COVID-19 or their own health could suffer because they can’t get treatment until they’re officially diagnosed.

If this happens, you could be on the hook for not only the people you tested (or were unable to test) but also for anyone else exposed because that patient wasn’t able to get adequate care. A cyber security policy covers the costs of defending yourself in court and financial settlements or awards that you are legally required to pay after the case is adjudicated. Even if you don’t mean to harm patients, you can still be held liable.

Types of Cyber Insurance

Unlike more established insurance products, like life insurance and health insurance, there isn’t much of an established standard for cyber insurance policies. This means you need to carefully look at any policy you’re offered to make sure it covers everything you need it to. At minimum, your policy should cover data breach expenses, network security, privacy liability, and regulatory fines and penalties. However, more coverage is better, especially for medical facilities like COVID-19 testing labs. The costs can quickly spiral and affect your company’s reputation. You want to know that your insurance provider has experts in cyber security that can conduct forensic investigations to determine the cause of the breach, and help you restore data.

More comprehensive cyber security coverage will also include network extortion, business interruption costs, loss of profits and added expenses, data recovery costs, media liability, PCI fines, and reputational harm. You never know when a cyber-attack could be coming or how bad it could be, so securing the highest amount of coverage you can afford will protect you fully from even the most egregious cyber breach. Some coverage is better than none, but the more comprehensive, the better.

Payment Security

In addition to medical information, you may have to deal with payments, especially if you allow for patients to send in and pay for their own COVID-19 tests. Payment information is highly desired data for hackers, who are looking for credit card numbers and bank account information to sell on the internet. Cyber insurance will also cover you for payment information breaches and the financial fallout that results, including customer notification, which is legally required following a data breach.

These days, if you keep any type of electronic records or store data in the cloud, you need cyber security protection.

NOW Insurance cyber liability policies provide the flexibility to choose a policy that best fits your needs. With over 20 years’ experience in medical professional liability and allied healthcare, we know what healthcare providers need when it comes to data and PHI protection.

We provide a free cyber risk assessment tool that can help assess your entity’s risk in regard to cyber security. The assessment only takes a few minutes, and you’ll receive valuable information about how to improve your cyber security.

While you’re at it, pick a up a quick quote for your lab’s professional and general liability policy. NOW Insurance is simple, fast and affordable. Lab techs and testing labs need top notch insurance to practice with peace of mind during the trying times of the pandemic.

Related articles:

Cyber Liability and HIPAA Compliance

How to Create a Small Business Cyber Security Plan

Social Engineering: 7 Common Red Flags

Ransomware Rampant Among Small Businesses