Protect Your Dental Office from Cyber Attacks

You’ve probably read about big hacking attacks against major corporations and even government agencies, but what hasn’t made a lot of news are the hacking attacks that are now launching regularly against small businesses.

Over the past few years, hackers have expanded their attacks beyond multinationals to much easier targets: small businesses that store data in electronic form. Dental and medical offices, which have made the leap to totally computerized systems and digital records, are now a prime target for hackers.

Because they have limited budgets and few or no technical experts on staff, dental offices generally have weak online security – cyber criminals have taken notice. Visa Inc. reports that about 95% of all credit card breaches it discovers are on its smallest business customers. Worse still is the fact that most of these small companies have no cyber liability policies in place to protect them from losses.

Why does a dental practice need cyber/privacy insurance? Most dentists are probably not aware of the threat of hacking and the costly damages that can occur when personal financial data is compromised – especially given the presence of personal health information they and their vendors have access to. Plus, most dentists are not aware that their standard insurance coverage (Malpractice, General Liability, and Property) typically doesn’t provide proper coverage for cyber and privacy liability.

Any dental practice that collects and electronically stores information should have cyber liability. A dental practice carries a significant exposure to cyber risk if it:

• Obtains social security numbers, personal health information, driver’s license numbers, bank account numbers and credit card information of patients
• Is in the process of going paperless or stores paper files
• Provides online access for payment
• Has a web site
• Relies on a computer network on a daily basis

In terms of financial threats to your practice, costs to comply with federal and state required notification are estimated to be an average of $214 per record! In addition, there are various regulatory proceedings (including fines and penalties) as a result of a privacy breach, including alleged HIPAA violations.

Can it happen to you? There have been plenty of situations where dental practices were severely harmed by an electronic security breach. Here are just a few:

• A hacker gained unauthorized access to a surgery center’s computer system. The practice failed to notify patients in a timely manner, and suffered fines and penalties for not adhering to HIPAA laws and regulations.
• A practice’s computer network was down for 4 days as the result of a Trojan horse attack and was unable to access billing or scheduling software, resulting in a need to hire experts to correct the system and return it to a functioning state.
• A practice had a web site and posted testimonials from patients. As a result of the practice not obtaining proper authorization to use of the patient’s comments, it was sued for invasion of privacy.
• A rogue employee with access to passwords left the employment of the practice and proceeded to disrupt the electronic activities of the business from a remote computer.

You can protect your dental office from cyber attack with a dedicated new policy package that is flexible and affordable.

• It’s modular. You pick and choose appropriate coverage lines.
• It provides industry-leading coverage for both 1st party and 3rd party exposures.
• I can help you understand it. At any point, I can help explain the coverage in detail and answer your questions.

Unfortunately, hacking is a reality for small businesses these days. For the dental office, it can be incredibly damaging. To learn more – and to be protected against a cyber security breach – please contact us today.