Reading Why Therapists Should Get a Cyber Policy Today or Risk Losing Their PracticeFind More Posts
Why Therapists Should Get a Cyber Policy Today or Risk Losing Their Practice
By Matt Grammer on November 17, 2021
As the pandemic shook the world and the economy, businesses were left with two choices: adapt or close down. For health care businesses, most that have transitioned to telehealth and are doing well. But suppose you have a private practice and you transitioned to telehealth in a hurry without considering legal ramifications and potential liability exposure. In that case, one crucial topic you must be aware of is 'cyber policy insurance'.
When you're a healthcare business transitioning to online services, hacking is one of the most common issues your business might experience. For hackers, online medical records systems can be a goldmine. Why? Because they can hold your patient data for ransom. As a healthcare professional, this can lead to a great deal of suffering. Your time, money, and credibility are at stake.
What is a cyber insurance policy?
A cyber insurance policy helps you cover the damages and losses you may experience as a result of hacking. As a healthcare professional, you are bound by your license to keep everything confidential. Losing your medical records to hackers is a serious problem because it contains confidential data. A data breach like this would result in a HIPAA violation, and you can be sued.
Since most provider liability policies don't cover cyber insurance automatically, if you become a victim of hacking, the liability insurance company won't pay your legal fees. This can jeopardize the finances of a small practice.
Cyber insurance protects you from ransomware attacks, as well as accidents like losing a laptop containing unencrypted patient information. Examples of coverage provided by a cyber policy are as follows:
Paid regulatory fines and penalties
Compensation for income loss due to downtime or patient loss
Hiring of IT experts to search for and fix the breach
Public relations firms are hired to deal with unwelcome publicity
Attorneys specializing in cyber crime are hired to represent your practice in any lawsuit filed by patients
Paid ransom to free hijacked information
Cyber policy insurance covers your billing information, test results, assessment, prescription information, diagnoses, and visit notes. Since malpractice insurance doesn't cover hacking incidents, professionals should consider a cyber policy in addition to their existing coverage.
What does a cyber insurance policy cover?
For private practices, a cyber insurance policy protects your company from certain risks in the following areas:
Business Network Interruption
It's common for companies to be dependent upon technology when it comes to running their business. If your network goes down because of ransomware attacks, having a cyber insurance policy can help you recover lost profits, fixed expenses, and extra costs, as well as getting back up and running quickly.
Network Security or Privacy
This area of cyber insurance assures you protection should a security failure happen. This clause covers security failures such as breaches, malware infection, cyber extortion, or business email compromise. Your cyber insurance can help with the expenses required for hiring IT experts, legal experts, and other professionals to secure your data and network.
As a business, the media liability section in your cyber insurance policy protects you from infringement claims. This applies to your business' online advertising like social media posts and printed advertising.
Omissions and Errors
As a healthcare business, you are obliged to follow the standards set by HIPAA. If your medical records are hacked, this impacts your responsibilities to and contracts with your clients. This aspect of the cyber insurance policy protects you from errors in the performance of your network. This aspect also helps you address allegations of negligence. If you have a cyber insurance policy, it can cover your legal defense cost if a client files a lawsuit.
What is not covered in your cyber insurance policy?
Just like any other insurance policy, cyber policies don’t cover all of the losses a business can experience. Some known exclusions include the following:
Breach of contract
Intentional dishonesty or criminal acts
Theft of trade secrets
Trade practices that are unfair
Unethical employment practices
Insurance agencies exclude the above mentioned points because most of it goes against public policy or the law.
When should I consider getting cyber policy insurance?
It's common for small businesses to overlook cyber insurance because they believe hackers won't target them. Much to the contrary, small businesses are more at risk because hackers know they have less security in place than big companies. When you're transitioning your private practice online, you should prioritize your security. Cyber policy insurance should be your top priority as you're launching your telehealth practice. If not, your small practice may have a data breach, which could cost you a lot of money.
The best way to take care of your private practice's network is to obtain a cyber liability insurance policy. Work with an experienced broker who can understand your private practice's cyber risk. Apply for a cyber policy, and continuously implement security on your network. Being proactive about your private practice's security is a vital key to prevent ransomware attacks. This can help you focus more on the services you're offering as a teletherapy business.
* The content of this post is intended to serve as general advice and information. It is not to be taken as legal advice and may not account for all rules and regulations in every jurisdiction. For legal advice, please contact an attorney.
About Matt Grammer
Matt Grammer, LPCC-S is the Founder and CEO of
Kentucky Counseling Center, as well as a national private practice consultant. Having grown his Center to more than 100 providers in Kentucky offering online counseling, psychiatry, and case management services, he now offers guidance to other practices looking to succeed.