Cyber Security in 2017 Print
Written by Jeffrey Herschler   
Friday, 24 February 2017 00:00

Phishing, spoofing, data breaches, ransomware and other scary digital stuff were among the topics at the South Florida Executive Forum (SFHEF) produced panel discussion held at the UHealth/Jackson campus last week (2/16/17). The featured speakers were:
  • Helenemarie Blake, Esq Chief Privacy & Data Security Officer and Assistant Vice President Compliance, Interim at University of Miami and U Health
  • Forest Blanton, Senior VP / Chief Information Officer, Memorial Healthcare System
  • Karl Norris, Founder and Architect of Duolark, LLC and Med-Detect
  • Matt Gracey, co-Founder and CEO of Danna-Gracey, an independent insurance agency specializing in insurance coverage for the healthcare industry
I had a chance to catch up with Matt Gracey immediately after the program. Below is a transcript of our chat:

JH  Cyber liability insurance was pretty obscure when you first started offering the product a few years back. Now, many data breaches later, how would you describe the market?

MG  The medical community seems to have awakened to the cyber risks much more recently. This follows and abundance of breaches and ransom issues for medical practitioners. Doctors and their administrators are finally realizing they are cyber targets not just hospitals and large healthcare entities. Patient records are some of the most sought after data for cyber criminals some the risks are rising rapidly. One study now says over 90% of medical practitioners have had their data breached in the last 24 months.

JH  One particularly nasty form of cyber crime is ransomware. A lot of providers just pay the ransom and move on. Is that a good idea? 

MG  Each situation is different so it all depends on the specific circumstances of the event. This is why healthcare providers need insurance coverage which allows the organization to get expert help in the event of a ransom demand.

JH  What's the biggest cyber threat to a health practice/facility?

•     The unemployed millennial living in his parent's basement
•     An East European criminal gang of hackers
•     A careless or dishonest employee

MG  Over 50% of breaches are caused by criminal hackers but the disgruntled employee or ex-employee as well as device theft/misplacement are also issues.

JH  Some doctors, solos and from small groups, have told me they don't need cyber insurance because the deep pocketed mega groups and hospitals are the real targets. Is that a valid argument against a cyber liability insurance purchase?

MG  This is the biggest misconception that we hear and is totally false. As the big guys get their defenses more improved, the smaller practices will be even harder hit since many are not keeping up with their systems.

JH  Twenty-six percent of U.S. consumers have had their personal medical information stolen from healthcare information systems, according to results of a new study from Accenture. This is mind-boggling. If you were running a medical practice or facility, what would be the three things you would do immediately to prevent this from happening to your patients?

MG  Get a comprehensive risk assessment, follow its findings and continually educate all of the doctors and employees in the practice.

The SFHEF will hold its next panel discussion March 16. You can learn more about that event here>>

Last Updated on Wednesday, 01 March 2017 17:27