Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyber Issues Facing Medical Practice Managers

Published bySybil McCoy Modified over 5 years ago

Similar presentations

Presentation on theme: "Cyber Issues Facing Medical Practice Managers"— Presentation transcript:

1 Cyber Issues Facing Medical Practice Managers
John Doernberg | May 4, 2018

2 What Your E&O/Cyber Policy Should Do
Your E&O/Cyber Policy Should Cover: Third-party claims arising from: acts, errors or omissions in the sale of technology products, or in the performance of technology or professional services; a failure of the insured’s network security (e.g., transmission of malicious code from insured’s to another’s network; use of insured’s network in a denial of service attack; corruption, destruction or deletion of data); or a failure to protect data or privacy. Regulatory actions, including fines and penalties, in connection with a security failure, privacy breach, or the failure to disclose a security failure or privacy breach. Out-of-pocket costs of responding to a security failure or privacy breach (see below) Business interruption and extra expense caused by insured’s network security failure by reimbursing for resulting lost income and extra operating expenses. (optional coverage, usually bears additional premium) Extortion and ransomware threats made against insured’s computer network and confidential information by an outsider attempting to extort money, securities, or other valuables. Coverage includes monies paid to end the threat and the cost of an investigation to determine the cause of the threat. Media-related liability for content distributed on insured’s website. Coverage is generally provided for copyright infringement, trademark infringement, personal or product defamation, and invasion of privacy. Fines, penalties and assessments assessed in connection with a payment card (PCI) breach. (optional coverage, often sublimited, may bear additional premium if significant number of cards involved)

3 What Your E&O/Cyber Policy Should Do
Your E&O/Cyber Policy Should Pay For: Forensic investigation to determine the scope and extent of the breach Legal expenses incurred in: Determining notification obligations under applicable laws Dealing with regulatory and law enforcement authorities and responding to investigations Defending any claims for damages arising out of your delivery / failure to deliver services (technology or other) Giving advice in connection with management of the breach and associated disclosures Notice to affected individuals under applicable laws Credit monitoring and/or identity theft services or insurance to affected individuals Public relations for reducing the potential exposure Call center support to respond to customer inquiries and concerns Cyber extortion costs associated with preventing activities such as ransomware, introduction of a virus or other attack to an insured’s network, release of unauthorized data or damaging an insured’s computer system Regulatory fines and penalties to the extent allowed by law Resolving claims for damages by those affected by the breach, such as customers, clients and business partners Retrieving and restoring data, hardware, software or other information damaged or destroyed in a cyber attack Penalties imposed by payment card companies and claims made by banks (e.g., for fraudulent charges, notifying bank card customers, closing customer accounts and reissuing payment cards) if credit card information was breached

4 2018 FBI Advisory re: Cyber Theft
Risk management practices that almost all organizations should adopt: The public service announcement contains a list of recommendations intended to help organizations reduce the risk of being victimized by W-2 and wire-transfer scams. These include: Limit who can (1) handle requests for W-2s, or (2) approve or process wire transfers. After receiving a request for W-2 information or a wire transfer seemingly from someone within the organization, verify the request using “out of band authentication” – that is, do not respond to the making the request but instead determine its authenticity by independently contacting the purported sender using some other channel of communication. A phone call directly to the executive is probably the most common means of independent verification, and the PSA lists some others. Call vendors and suppliers to verify purported changes in payment instructions, using a phone number from a separate known contact list. Do not call any phone number contained in the communication requesting the change. Keep lists of vendors with names and contact information for anyone authorized to request or approve changes in payment instructions. It is preferable for the lists to be on paper and not in electronic files. Require multiple approvals for certain wire transfers, such as those involving: Amounts more than a designated threshold; New recipients or those not already on the organization’s list of approved wire transfer recipients; New bank or account numbers; or Countries to which wire transfers have not normally been made.

Download ppt "Cyber Issues Facing Medical Practice Managers"

Similar presentations

Property Inventory Valuation Replacement Cost Value The amount it would take to replace property with like property of the same quality and construction.

Property Inventory Valuation Replacement Cost Value The amount it would take to replace property with like property of the same quality and construction.
Insurance in the Cloud Ben Hunter, Canadian Underwriting Specialist Technology Insurance Specialty Chubb Insurance Company of Canada.

Insurance in the Cloud Ben Hunter, Canadian Underwriting Specialist Technology Insurance Specialty Chubb Insurance Company of Canada.
Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.

Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.
Presented at: Ctuit Software and Lathrop & Gage LLP Food & Hospitality Roundtable San Francisco, CA April 29, 2013 Presented by: Leib Dodell, Esq.

Presented at: Ctuit Software and Lathrop & Gage LLP Food & Hospitality Roundtable San Francisco, CA April 29, 2013 Presented by: Leib Dodell, Esq.
Cyber Liability- Risks, Exposures and Risk Transfer for a Data Breach June 11, 2013.

Cyber Liability- Risks, Exposures and Risk Transfer for a Data Breach June 11, 2013.
IS BIG DATA GIVING YOU A BIG HEADACHE? Risk Reduction - Transactional, International and Liability Issues Oregon State Bar Corporate Counsel Section Fall.

IS BIG DATA GIVING YOU A BIG HEADACHE? Risk Reduction - Transactional, International and Liability Issues Oregon State Bar Corporate Counsel Section Fall.
Cyber Insurance Today: Lots of Interest, Lots of Product Innovation, and Lots of Risk Richard S. Betterley, CMC Betterley Risk Consultants, Inc. Sterling,

Cyber Insurance Today: Lots of Interest, Lots of Product Innovation, and Lots of Risk Richard S. Betterley, CMC Betterley Risk Consultants, Inc. Sterling,
Lockton Companies International Limited. Authorised and regulated by the Financial Services Authority. A Lloyd’s Broker. Protecting Your Business from.

Lockton Companies International Limited. Authorised and regulated by the Financial Services Authority. A Lloyd’s Broker. Protecting Your Business from.
Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2011 CCH. All Rights Reserved. 4025 W. Peterson Ave. Chicago, IL 60646-6085.

Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2011 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL
Financial Institutions – Cyber Risk Managing Cyber Risks In An Interconnected World State Compensation Insurance Fund Audit Committee Meeting – February.

Financial Institutions – Cyber Risk Managing Cyber Risks In An Interconnected World State Compensation Insurance Fund Audit Committee Meeting – February.
Presented by: Jamie Orye, JD, RPLU Beazley Group Pennsylvania Association of Mutual Insurance Companies Annual Spring Conference March 12, 2015.

Presented by: Jamie Orye, JD, RPLU Beazley Group Pennsylvania Association of Mutual Insurance Companies Annual Spring Conference March 12, 2015.
Recent Trends and Insurance Considerations March 2015

Recent Trends and Insurance Considerations March 2015
2 3 4 5 6 www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/

Presented by: Paul J. Miola, CPCU, ARM Executive Director October, 2013.

Presented by: Paul J. Miola, CPCU, ARM Executive Director October, 2013.
BACKGROUND  Hawkes Bay Holdings/Aquila Underwriting LLP  Established 2009 utilising Lloyd’s capacity: Canopius 4444 50% Hiscox 33 50% to May 2010, replaced.

BACKGROUND  Hawkes Bay Holdings/Aquila Underwriting LLP  Established 2009 utilising Lloyd’s capacity: Canopius % Hiscox 33 50% to May 2010, replaced.
Cyber Risk Enhancement Coverage. Cyber security breaches are now a painful reality for virtually every type of organization and at every level of those.

Cyber Risk Enhancement Coverage. Cyber security breaches are now a painful reality for virtually every type of organization and at every level of those.
NEFEC - Cyber Liability MICHAEL GUZMAN, ARM ARTHUR J. GALLAGHER & CO.

NEFEC - Cyber Liability MICHAEL GUZMAN, ARM ARTHUR J. GALLAGHER & CO.
PHISHING AND SPAM EMAIL INTRODUCTION There’s a good chance that in the past week you have received at least one email that pretends to be from your bank,

PHISHING AND SPAM INTRODUCTION There’s a good chance that in the past week you have received at least one that pretends to be from your bank,
Overview of Cybercrime

Overview of Cybercrime
WHAT EVERY RISK MANAGER NEEDS TO KNOW ABOUT DATA SECURITY RIMS Rocky Mountain Chapter Meeting Thursday, July 25, 2013 11:30 am – 12:30 pm.

WHAT EVERY RISK MANAGER NEEDS TO KNOW ABOUT DATA SECURITY RIMS Rocky Mountain Chapter Meeting Thursday, July 25, :30 am – 12:30 pm.

Similar presentations

Ads by Google