Why your care facility should consider Cyber Insurance
Why your care facility should consider Cyber Insurance
As our reliance on the digital world increases it is no real wonder that cybercrime is on the increase, and this has been clearly evident in the last two years.
For the opportunistic cybercriminal, it’s been a good time to commit cybercrime, as the pandemic has forced us to move away from our usual routines and reliable systems, leaving an exploitable gap in our security as we quickly adapted to new ways of working.
Between April and June 2021, the ICO reported that there were 2552 data security incidents in the UK with 688 of those related to a cybercrime. The healthcare sector was one of the most affected with 607 data security incidents in total - 108 a direct result of a cyberattack.
According to Police data analysed by cyber security company Nexor, there was a 31% increase in cyber related cases over May and June 2020. The most common attack occurred through email or social media, and accounted for 53% of all attacks on businesses, leading to substantial multi-million pound losses. Healthcare, financial institutions, manufacturing, real estate, and education were the most targeted industries.
Whether a big or small-scale event, a cyber-attack is likely to have serious consequences for any business – shutting systems, deleting data, preventing data access or stopping them from trading altogether. Dealing with the fall out of a cyber-attack can be complicated and stressful, not to mention time-consuming and potentially expensive.
Not convinced you need it? Read on to find out more about the types of cyber incidents that could affect your care facility.
Types of Cyber Attack
Cyber-attacks can take many forms, all engineered to get the victim to disclose information or take action, or to infect systems with malicious software. Phishing, malware attacks and ransomware pose a threat to all businesses.
It’s common to think that cyber threats against businesses come from unrelated hackers, cyber-attacks or ransomware (known as external threats) and are significant events, but sometimes they can be more subtle and come from sources a little closer to home. There are four categories that cyber threats against a business typically originate; insider threats, human error or negligence, external threats and third-party threats.
Insider threats may come from disgruntled employees who could steal personal or business data and sell it online, for example. Third party threats are those you are exposed to when third party systems, software, individuals or businesses, have access to your data – such as cloud-based storage systems, your data systems and even your website. But by far the largest cause of data breaches occurs from human error, and is easily done. Perhaps sensitive data is sent to the wrong person or company, or a memory stick containing patient data is lost. Negligence also includes weak passwords that are not updated regularly, which can allow cyber-attacks to take place more easily.
Wherever the threat originates the bottom line is how you to respond. Have you thought about how you would continue to run your care home if you lost access to all your data? You could lose access to client records and supplier data, order information, diary appointments, financial data, your website and more. If you are held to ransom for access to patient files, the financial consequences could be significant.
Additionally, you may be affected by reputational damage, which could affect existing relationships and damage future prosperity.
You may need to rebuild and replace lost systems or create a new website. And, if a data breach occurred you are likely to face significant fines from the Information Commissioner’s Office.
All of the above will require money, time and resources and need to be addressed in a timely manner to help you retain customers, employees, your reputation and may ultimately affect the future of your care facility.
Having a comprehensive contingency and business interruption plan in place along with adequate insurance will help you to address and quickly overcome any fallout from a cyber-attack. A robust plan is vital to make sure you meet your legal obligations regarding data breaches and to reassure your customers.
The benefits of cyber insurance
Cyber liability insurance is a must for any care home business because it provides you with protection and peace of mind, should the worst happen. It will help against denial of service, which may occur with ransomware, the recovery from computer virus damage, which may have resulted in a significant loss of data, and other data breaches such as the loss of a memory stick or laptop.
Getting assistance quickly and from reputable, knowledgeable and reliable sources will be key in ensuring your business can continue to operate with minimal disruption.
If your care home holds data on a computer system, even with anti-virus software in place, you can still be vulnerable to a breach.
Cyber liability insurance is relatively inexpensive and will provide you and your business with complete reassurance in the face of a data breach crisis.
Every business is different and will have specific needs, so make sure you get advice for your unique situation and requirements. Don’t wait until you have experienced a cyber-attack to put measures in place, be proactive and help protect your business now.
At Barnes Commercial we specialise in arranging robust insurance for those operating in the care home sector. As an independent broker we provide completely impartial advice on the best solution for your specific needs.