Do you need cyber insurance?
Despite all preventative measures, a cyberattack is still a very real
possibility for your facility. Some suggest you take out a cyber insur-
ance plan that insures your center for more than $50,000 in damages.
The cost of legal fees, IT consultants, credit monitoring and ransoms
"can be enormous," says Damon Silver, an attorney with Jackson
Lewis in New York, N.Y., who specializes in cybersecurity cases. In a
case Mr. Silver handled earlier this year, hackers stole information
from around 26,000 patient records at the Tampa Bay (Fla.) Surgery
Center, dumped the data onto a file-sharing website and even posted
about it on Twitter. To mitigate the damage, Mr. Silver said the center
offered affected patients free credit monitoring.
The value of health records
In the dark web — the untraceable side of the Internet, where hackers
often sell stolen information — health records are 3 times more valu-
able than stolen financial records, says Mr. Kellerman. Your patient
data can provide hackers with all the information they need to steal
your patient's identity, extort money from patients or sell the informa-
tion online. The result can mean lawsuits for your facility for not ade-
quately protecting your patients — what Mr. Kellerman calls "the
future of malpractice."
Private health information is not the only thing hackers can take
from your system. Just last month, infamous hacking group The Dark
Overlord, which was responsible for the Tampa Bay Surgery Center
cyberattack, struck again. This time they hacked the London Bridge
Plastic Surgery Center and stole private patient photos, including
some that showed breast and genitalia enhancement surgeries,
according to a report from The Daily Beast.
N O V E M B E R 2 0 1 7 • O U T PA T I E N T S U R G E R Y. N E T • 4 9
