Information exposures are difficult to control and are subject to many different types of loss events. And even with the best systems, controls, personnel and procedures, no organisation is immune to the risk.
It only takes one small human error, a simple property crime, or one clever hacker, to compromise millions of patient records, or otherwise wreak havoc on your organisation.
Essentially, a data privacy breach is not a question of "if". The only question is "when?"
It is safe to assume that poorly handled breaches result in far higher patient defection rates.
An effective response is a complicated response. BBR Services will be with you every step of the way, providing effecting data breach protection for your healthcare organisation.
- significant exposure
- class action lawsuits
- regulatory investigations
- third party coverage
- why Beazley?
The scale of protected health information (PHI) maintained by healthcare organisations and the digitisation of electronic health records have increased the vulnerability to large breaches. Compulsory breach notification laws provide a great deal of exposure. In addition to the patchwork of state laws affecting all businesses, the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH) operate at the federal level. These laws require time-consuming and labor intensive internal investigations, specialized outside vendors, and can often disrupt a healthcare organisation's ability to prioritize patient care.
The publicity and patient dissatisfaction that surround a data breach have spurred a wave of class action complaints against organisations big and small. Relying on a variety of medical privacy laws, enterprising plaintiffs' lawyers have filed complaints seeking billions of dollars in damages. The specter of such damages, and the sizeable costs of litigation, often push organizations to settle even in the absence of any clear harm to the affected patients.
State and federal regulators have made one point clear: a significant breach of patient information will result in monetary penalties, onerous corrective action plans, and on-going audits. Whether through the strict data privacy and security requirements of HIPAA/ HITECH, or the increasing interest of state attorneys general in enforcing medical privacy laws, the regulatory landscape for healthcare organisations carries an immense amount of risk. Regardless of any legal liability, a data breach greatly increases the risk of reputational and brand damage.
In addition to covering your business, BBR also protects your partners though third party coverage. Third party coverage includes:
- Third party information security and privacy coverage with up to $15M in limits in addition to the breach response coverage
- Regulatory defense and penalties
- Website and offline media liability
- PCI fines, penalties and assessments
- Cyber extortion
- First party business interruption and data protection with limits up to $15 million.
In managing a data breach, you want to make the calls. It's your reputation that's on the line. But it's also smart to have a partner who's been there before. Things happen too quickly; there's too much to learn. That's why people turn to Beazley. Beazley, a leading insurer of technology and information security risks, has developed BBR, a solution to privacy breaches and information security exposures tailored to the needs of healthcare organisations. BBR is a complete privacy breach response management and information security insurance solution which includes a range of services designed to help you respond to an actual or suspected data breach incident effectively, efficiently, and in compliance with the law. Beazley's client list includes 29% of Healthgrades' top hospitals in the US and more than a third of the 16 US News & World Report's best hospitals (2015 rankings). A third of Beazley's Breach Response policies have to date been taken out by healthcare organisations.
We greatly appreciate Beazley's Breach Response services and the efficiency and knowledge that is available to us when we need it the most.
Breach response services
Claims Team Leader - Cyber & Tech
New York, NY, USA
+1 646 378 email@example.com
UK & International TMB Claims Manager
+44 207 674 firstname.lastname@example.org
Head of Third Party Complex Claims
New York, NY, USA
+1 646 943 email@example.com
Focus Group Leader London and International Cyber and Tech
+44 207 674 firstname.lastname@example.org
Team Leader & Underwriter US Cyber & Tech London
+44 (0) 207 674 email@example.com
Focus Group Leader - International Cyber & Tech
0207 674 firstname.lastname@example.org