MedLaw.com :: Hospitals Usually Not Insured Against HIPAA Security And Identity Theft Incidents

EMTALA Resources
- EMTALA STATUTE
- EMTALA REGULATIONS
- EMTALA SITE REVIEW GUIDELINES
- EMTALA SIGN REQUIREMENTS
- EMTALA EDUCATIONAL RESOURCES
- COURT CASES
- SAMPLE FORMS
- OPPS & 250 YARD RULE
- REPORTING VIOLATIONS
- OTHER INFORMATION
- OIG ENFORCEMENT ACTIONS
EMS and Air Medical
- Emergency Medical Services
- Air Medical Services
- Court Cases
- Fire - Rescue - Public Safety
Emergency Preparedness
- Homeland Security Special Alerts
- Bio-Terrorism Issues
- HazMat Issues
- Emergency Preparedness
Drugs / Pharmacy
- Pharmacy / Drug Liability Issues
- Court Cases
Fraud & Abuse
- Medicare Fraud and Abuse
- Anti-Kickback Statute / STARK Compliance
- Corporate Compliance Policies and Practices
- Court Cases
Hospital Issues
- Emergency Department
- Risk Management
- Conditions of Participation (CoP's)
- Critical Access Hospitals (CAH)
- Credentialing
- Misc. Issues
Medical Malpractice
Medical Records Privacy & Security
- Medical Records
- HIPAA Security Regulations
- HIPAA / State Privacy Regulations
- Enforcement and litigation
CMS / OSHA / CDC
- OSHA Regulation of Healthcare
- CDC Guidelines
- Medical Studies
- CMS Regulations and Guidance
Product Liability
Professional Rights
How We Can Help
News and Updates
MedLaw Links (A-M)
- Allied Health Links
- Anesthesia
- Behavior Health
- Boards and Certifying Groups
- Courts
- Dental
- Disater / Emergency Preparedness
- Emergency Medicine/ EMS
- Government Sites
- Healthcare Economics
- Healthcare Law
- Healthcare Organizations
- HIPAA
- Hospital Organizations
- Infection Control
- Insurance Industry
- Laboratory Issues
- Long Term Care
- Medical Staff
- Drugs and Pharmacy
MedLaw Links -- (N-S)
- Nursing
- Obstetrics
- Oncology
- Public Medical Information Resources
- Pediatrics
- Quality
- Radiology
- Reference / Publications
- Rehabilitation Services
- Risk Management
- Safety
- Surgery
Publisher's Opinions
Contact Us
About Us
Privacy Policy
Terms Of Use

May 17, 2012

http://www.medlaw.com/healthlaw/Medical_Records/8_4/hospitals-usually-not-ins.shtml

Hospitals Usually Not Insured Against HIPAA Security And Identity Theft Incidents

Most hospitals are uninsured or seriously under-insured for computer security breaches or employee identity theft exposures.

Most hospitals are uninsured or seriously under-insured for computer security breaches or employee identity theft exposures. Typical "crime coverage" provisions deal with tangible property thefts and would not cover theft of patient information and subsequent thefts utilizing that information. Malpractice policies typically would cover hospital losses for damages in claims for breach of medical confidentiality, but would not cover major expenses for notification, credit monitoring services, and other remediation expenses.

Other examples include:

Hackers Break Into Hospital Computer System

Akron Children's Hospital is notifying about 240,000 patients that someone hacked into its computer system and gained access to sensitive information, including Social Security numbers and bank account records. The computer breach happened over Labor Day weekend, but the hospital didn't alert the FBI until mid-October. It started notifying patients at the end of October.

To date, reports indicate that Children's has incurred more than $1 million in notification costs.

See full story at:

http://www.scmagazine.com/us/news/article/601539/hackers-breach-ohio-hospitals-databases-obtain-personal-information-240000/

Man Sues Hospital System Over Security Lapse

An Indiana man has sued a hospital system over a security lapse that might have exposed the private information of more than 260,000 patients. Greenwood resident, Michael Chaney, claims in his federal lawsuit filed in late October that The Sisters of St. Francis Health Services Inc. and its contractor violated federal HIPAA privacy laws and failed "to take reasonable corrective action," such as promptly notifying patients of the breach. It seeks damages, including no less than $5,000 for each affected class member. See full story at:

http://www.belleville.com/mld/belleville/news/politics/15895203.htm/

New Forms of Insurance Developing To Protect These Risks

Hospital risk managers and insurance personnel should be considering purchasing new "technology" policies that provide coverage for security and HIPAA expenses, acccording to William Bruno, a member of Johnson Insurance Services' healthcare unit and working from their Phoenix office. The unit serves healthcare providers nationally with insurance and risk consulting services from a home base in Madison, WI.

"The recent spate of healthcare systems being targetted for identity theft have created a serious need for this kind of insurance, and several new insurance products have come to market to specifically help cover this risk," Bruno said. For more information, Bruno can be reached at wbruno@johnsonins.com.

Support our troops, support our president