While you can certainly tackle a data breach yourself, the chances are you will not want to invest the time. For example, the Federal Trade Commission estimates that it takes an average of 400 hours to correct a single identity theft. This is valuable time that you can better spend tending to your business. In addition to time required to fix a cyber breach, you must act quickly so your business is not adversely affected. It is far wiser to pick up the phone and call the company that provides your Cyber Liability and Data Security Insurance to remedy a data breach situation.
The potential for committing libel or slander against someone else is greatly increased by the advent of the internet. With so much publication on the internet, there is greater than ever chance of being accused of plagiarism. Florida healthcare providers can, without knowing it, inadvertently release patient or employee information which should be kept private. Even if someone hacks into your system and does damage to a third party, you can still be held responsible because you did not take adequate precautions to prevent the hack.
A Florida Cyber Liability Insurance Policy provides defense protection and will indemnify the insured if he is sued by a third party who has suffered damages caused by any of the above situations.
A healthcare provider in Florida has significant exposure to data breaches and cannot rely on his general liability policy to protect him. The reason: exclusions in the policy for injury “arising out of the infringement of copyright, patent, trademark, trade secret or other intellectual property rights”. Also in the policy is an exclusion under the “Personal and advertising injury” section for injury arising out of an electronic chat room or bulletin board of the insured hosts, owns, or over which the insured exercises control.” This would exclude social networking and blogging.
In Florida, a cyber liability policy is meant to fill in the gaps created by these exclusions. Coverage on a Florida cyber liability policy is provided for “libel, slander, infringement of copyright, domain name, trademark, trade name, trade dress, logo, title, metatag, slogan, service mark or service name when arising from Web site activity, including social networking and blogging.”
So, a doctor cannot rely on the personal and advertising injury coverage section of this general liability policy to protect him from data breaches. He needs to purchase a cyber liability policy.
Cyber Liability insurance is very important for all Florida healthcare providers, regardless of size, specialty, or location in Florida. Florida physician and dental offices are especially vulnerable to a cyber liability loss because they deal with health-related information. Cyber liability claims are on the rise in Florida, robbing Florida patients of their privacy, exacerbating medical identity theft, and costing Florida doctors billions of dollars annually. Cyber liability breaches are costly to Florida doctors—fines, penalties and cyber legal costs, responding to cyber victims, and cyber credit monitoring for victims.
Cyber liability breaches in Florida occur in many ways: Lost or stolen files, hacking attacks, improper disclosure of sensitive information, and lack of proper disposal of sensitive documents.
In Florida, cyber liability insurance accomplishes three things:
- Cyber liability risk management to help the Florida doctor become legally compliant and strengthen their privacy and security programs.
- Cyber breach response services: If a Florida doctor has a cyber liability breach, he can pick up the phone and call the company for help. The rest is handled by the company.
- Insures against cyber liability breach costs, which can run into the millions of dollars. Included in cyber liability insurance in Florida are defense costs, coverage for regulatory fines and penalties, notification costs, credit monitoring costs, and public relations for damaged reputations.
Remember that cyber liability coverage is excluded by Florida property and malpractice insurance policies.
The universe of potential cyber liability plaintiffs is overwhelming to the Florida practitioner, when one considers the number of people and organizations on the internet.
Even if you do not hold personal security information, your business is still vulnerable to a data breach. Even if you use a third party to store patient information, you are still the “data owner” and are legally required to notify patients of a breach. While you may take credit cards but not store them, your practice may still be the victim of increasingly sophisticated hackers who are able to skim off credit card information. And, if you have employees, you are more than likely holding their personal information. Personal information does not have to be in electronic form to be exposed; paper information is a significant risk in storage or disposal.
Cyber liability insurance protects the Florida healthcare provider by covering:
- Expenses related to notifying patients following a data breach;
- Lawsuits stemming from a data breach; and
- Breaches of employee data and paper files.
So all Florida businesses that deal with any type of personal data, or has a presence on the internet or social media, need to seriously consider purchasing cyber liability insurance.