Cyber Issues Facing Medical Practice Managers

Slides:

Advertisements

Similar presentations

Property Inventory Valuation Replacement Cost Value The amount it would take to replace property with like property of the same quality and construction.

Advertisements

Insurance in the Cloud Ben Hunter, Canadian Underwriting Specialist Technology Insurance Specialty Chubb Insurance Company of Canada.

Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.

Presented at: Ctuit Software and Lathrop & Gage LLP Food & Hospitality Roundtable San Francisco, CA April 29, 2013 Presented by: Leib Dodell, Esq.

Cyber Liability- Risks, Exposures and Risk Transfer for a Data Breach June 11, 2013.

IS BIG DATA GIVING YOU A BIG HEADACHE? Risk Reduction - Transactional, International and Liability Issues Oregon State Bar Corporate Counsel Section Fall.

Cyber Insurance Today: Lots of Interest, Lots of Product Innovation, and Lots of Risk Richard S. Betterley, CMC Betterley Risk Consultants, Inc. Sterling,

Lockton Companies International Limited. Authorised and regulated by the Financial Services Authority. A Lloyd’s Broker. Protecting Your Business from.

Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2011 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL

Financial Institutions – Cyber Risk Managing Cyber Risks In An Interconnected World State Compensation Insurance Fund Audit Committee Meeting – February.

Presented by: Jamie Orye, JD, RPLU Beazley Group Pennsylvania Association of Mutual Insurance Companies Annual Spring Conference March 12, 2015.

Recent Trends and Insurance Considerations March 2015

Presented by: Paul J. Miola, CPCU, ARM Executive Director October, 2013.

BACKGROUND  Hawkes Bay Holdings/Aquila Underwriting LLP  Established 2009 utilising Lloyd’s capacity: Canopius % Hiscox 33 50% to May 2010, replaced.

Cyber Risk Enhancement Coverage. Cyber security breaches are now a painful reality for virtually every type of organization and at every level of those.

NEFEC - Cyber Liability MICHAEL GUZMAN, ARM ARTHUR J. GALLAGHER & CO.

PHISHING AND SPAM INTRODUCTION There’s a good chance that in the past week you have received at least one that pretends to be from your bank,

Overview of Cybercrime

WHAT EVERY RISK MANAGER NEEDS TO KNOW ABOUT DATA SECURITY RIMS Rocky Mountain Chapter Meeting Thursday, July 25, :30 am – 12:30 pm.

Non Physical Business Interruption Malcolm Randles, Underwriter, Kiln Syndicate February 2011.

AUGUST 25, 2015 Cyber Insurance:

Cyber Risk Insurance. Some Statistics Privacy Rights Clearinghouse o From 2005 – February 19, 2013 = 607,118,029 records reported breached. Ponemon Institute.

Onebeaconpro.com t f Cyber Liability Insurance Coverages and Trends Affecting Community Banks Craig M. Collins President,

. E-Business Risk and Insurance.

Insurance of the risk Policy covers & underwriting issues Stephen Ridley, Senior Development Underwriter.

Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2013 CCH Incorporated. All Rights Reserved W. Peterson Ave. Chicago,

Matt Foushee University of Tulsa Tulsa, Oklahoma Cyber Insurance Matt Foushee University of Tulsa Tulsa, Oklahoma.

Tamra Pawloski Jeff Miller. The views, information, and content expressed herein are those of the authors and do not necessarily represent the views of.

Carlsmith Ball LLP Cyber Issues For Lawyers Deborah Bjes October 22 nd, 2015.

Managing Your Cyber/E&O Risk with Willis FINEX Robert Barberi, Vice President, Willis Cyber Practice.

Have the Time? Steps to Deal with Cybercrime HFTP Annual Conference Bellevue, Washington October 23, 2015 Presented by: John D. Daum, CPA Scott Perry (Just.

Data Security & Privacy: Fundamental Risk Mitigation Tactics 360° of IT Compliance Anthony Perkins, Shareholder Business Law Practice Group Data Security.

The Privacy Symposium: Transferring Risk of a Privacy Event Paul Paray & Scott Ernst August 20, 2008.

Cyber Insurance Risk Transfer Alternatives Heather Soronen - Operations Director Rocky Mountain Insurance Information Association.

MEDICAL OFFICE COVERAGES. This is a short review over many insurance coverage parts necessary to a doctor’s practice. Not all apply, and there are other.

Retail & Service 1. 2 The Retail & Service industry encompasses a wide variety of businesses. This segment includes: Businesses engaged in selling goods.

Cyber Liability: New Exposures Presented by: Henriott Group © 2007, , Zywave Inc. All rights reserved.

Data Breach ALICAP, the District Insurance Provider, is Now Offering Data Breach Coverage as Part of Our Blanket Coverage Package 1.

Cyber Insurance Overview July 30, 2016 Wesley Griffiths, FCAS International Association of Black Actuaries.

Cyber Insurance - Risk Exposures and Strategic Solutions

Cyber Liability Insurance for an unsecure world

Cyber Insurance Risk Transfer Alternatives

Clients and Prospective Clients on the Threat of Cyber Crime

Breaking Down Cyber Liability

Financial Institutions – Cyber Risk

Financial Technology in Cyber Risks

E&O Risk Management: Meeting the Challenge of Change

Protection of CONSUMER information

Managing a Cyber Event Steven P. Gibson President

Responding to a Data Breach 360° of IT Compliance

Cyber Insurance Overview

Cyber Insurance 101 South Texas Chapter Risk & Insurance Management Society May 17, 2017 Matt C. Green, Marsh.

Chapter 3: IRS and FTC Data Security Rules

Cyber Insurance: An Update on the Market’s Hottest Product

Society of Risk Management Consultants Annual Conference

Mary Kummer Jim McNall PRIMA Spring Training 2018

Business Secured with HUB International.

Cyber Trends and Market Update

Understanding Cyber Insurance NASCUS/CUNA Cybersecurity Symposium

Ethics, Part 2 Chapter 5 pp National Income Tax Workbook™

FAIR 2018 – Cyber Risks & Markets

Cyber Exposures The Importance of Risk Identification and Transfer

By Joseph Carnevale, CIP Partner & Director of Sales

INFORMATION SYSTEMS SECURITY and CONTROL

Cyber Liability Coverage – Sell it or get sued

Forensic and Investigative Accounting

Business Compromise and Cyber Threat

Cyber Security: What the Head & Board Need to Know

Anatomy of a Common Cyber Attack

Presentation transcript:

Cyber Issues Facing Medical Practice Managers John Doernberg | May 4, 2018

What Your E&O/Cyber Policy Should Do Your E&O/Cyber Policy Should Cover: Third-party claims arising from: acts, errors or omissions in the sale of technology products, or in the performance of technology or professional services; a failure of the insured’s network security (e.g., transmission of malicious code from insured’s to another’s network; use of insured’s network in a denial of service attack; corruption, destruction or deletion of data); or a failure to protect data or privacy. Regulatory actions, including fines and penalties, in connection with a security failure, privacy breach, or the failure to disclose a security failure or privacy breach. Out-of-pocket costs of responding to a security failure or privacy breach (see below) Business interruption and extra expense caused by insured’s network security failure by reimbursing for resulting lost income and extra operating expenses. (optional coverage, usually bears additional premium) Extortion and ransomware threats made against insured’s computer network and confidential information by an outsider attempting to extort money, securities, or other valuables. Coverage includes monies paid to end the threat and the cost of an investigation to determine the cause of the threat. Media-related liability for content distributed on insured’s website. Coverage is generally provided for copyright infringement, trademark infringement, personal or product defamation, and invasion of privacy. Fines, penalties and assessments assessed in connection with a payment card (PCI) breach. (optional coverage, often sublimited, may bear additional premium if significant number of cards involved)

What Your E&O/Cyber Policy Should Do Your E&O/Cyber Policy Should Pay For: Forensic investigation to determine the scope and extent of the breach Legal expenses incurred in: Determining notification obligations under applicable laws Dealing with regulatory and law enforcement authorities and responding to investigations Defending any claims for damages arising out of your delivery / failure to deliver services (technology or other) Giving advice in connection with management of the breach and associated disclosures Notice to affected individuals under applicable laws Credit monitoring and/or identity theft services or insurance to affected individuals Public relations for reducing the potential exposure Call center support to respond to customer inquiries and concerns Cyber extortion costs associated with preventing activities such as ransomware, introduction of a virus or other attack to an insured’s network, release of unauthorized data or damaging an insured’s computer system Regulatory fines and penalties to the extent allowed by law Resolving claims for damages by those affected by the breach, such as customers, clients and business partners Retrieving and restoring data, hardware, software or other information damaged or destroyed in a cyber attack Penalties imposed by payment card companies and claims made by banks (e.g., for fraudulent charges, notifying bank card customers, closing customer accounts and reissuing payment cards) if credit card information was breached

2018 FBI Advisory re: Cyber Theft Risk management practices that almost all organizations should adopt: The public service announcement contains a list of recommendations intended to help organizations reduce the risk of being victimized by W-2 and wire-transfer scams. These include: Limit who can (1) handle requests for W-2s, or (2) approve or process wire transfers. After receiving a request for W-2 information or a wire transfer seemingly from someone within the organization, verify the request using “out of band authentication” – that is, do not respond to the email making the request but instead determine its authenticity by independently contacting the purported sender using some other channel of communication. A phone call directly to the executive is probably the most common means of independent verification, and the PSA lists some others. Call vendors and suppliers to verify purported changes in payment instructions, using a phone number from a separate known contact list. Do not call any phone number contained in the communication requesting the change. Keep lists of vendors with names and contact information for anyone authorized to request or approve changes in payment instructions. It is preferable for the lists to be on paper and not in electronic files. Require multiple approvals for certain wire transfers, such as those involving: Amounts more than a designated threshold; New recipients or those not already on the organization’s list of approved wire transfer recipients; New bank or account numbers; or Countries to which wire transfers have not normally been made.