Real cyber risk profile

Do you know your real cyber risk?

If you're like most companies, you've got cyber liability insurance, and if you took your agent's advice, it's probably higher than the minimum. So you're covered, right? Wrong.

One way to determine your risk profile is to build it up from a baseline of zero. For example, you have a database of 20,000 clients/patients. You may have calculated the cost of a breach - notifying clients, the potential penalties, and the cost of remediation of the breach. These are quantifiable costs, and they are part of what your cyber insurance carrier has estimated. However, once you're past the fines and known costs, a larger, more ominous cost is still out there - civil litigation.

This past week, Cardiovascular Associates in Alabama was sued in a class action lawsuit, initiated by a single patient, for the breach of 441,000 patient records. The lawsuit seeks damages in a jury trial, and the potential settlement could be in the millions, far exceeding their likely cyber liability insurance limits.

While this example is for healthcare, it doesn't end there. ANY company can face a similar scenario. If you store customer, client, or patient data, you're vulnerable - not just to a cyber attack, but potential civil monetary damages as well.

So the next time you opt to skip a cybersecurity best practice like vulnerability scanning, training, or a general network security and risk assessment, you may want to consider the potential costs of that decision.

We're here to help with affordable and effective solutions.

Stay safe.


If you have any questions or are concerned about your organization's cybersecurity, call us at (949) 474-7774. We'll be happy to help.


For more HIPAA information, download our ebook - The Ultimate HIPAA Compliance Handbook.

The HIPAA Security Rule requires implementing a security awareness and training program for all members of its workforce (including management). Have your team sign up for weekly HIPAA Security Reminder to help stay compliant.

 

Subscribe Today!

HIPAA Security Reminders

 

HIPAA Security Suite has developed a weekly HIPAA Security Reminder series that’s FREE for all of us who are responsible for, or engaged in, the use and protection of PHI.

Pursuant to Section 164.308(a)(5) of the HIPAA Security Rule, the Standard states: Implement a security awareness and training program for all members of its workforce (including management).

This standard is part of our Best Practices Recommendations for HIPAA Security Suite users, but it’s available for FREE to anyone who wants to comply with HIPAA using the easiest, best tools available.

Sign Up

Scroll to Top