Coalition, the leading cyber insurance company for small and midsize businesses, announced comprehensive coverage crafted to protect healthcare companies.
Health organizations saw over 15 million exposed patient records last year alone, and account for almost half of all data breaches. Despite the widespread risk, 70 percent of healthcare organizations lack cyber insurance.
To help mitigate the impact of cyber attacks, Coalition has designed a healthcare-specific policy that fully addresses the risk healthcare organizations face before, during, and after a breach—including full HIPAA compliance, in-house breach response, and restoration of digital assets such as patient information.
Healthcare is unique, being the only industry where the risk of a threat is more likely to come from within the organization than from the outside. According to Verizon’s 2018 Data Breach Investigations Report, over half of breaches in healthcare begin internally.
“The constant flow of highly-sensitive patient data through unregulated channels leaves protected health information exposed to bad actors. One wrong click could expose a patient’s entire medical history,” said Coalition’s co-founder and CEO, Joshua Motta.
“As we continue to move towards digitized, virtual care platforms, Coalition is committed to helping healthcare organizations keep their patients’ information safe, and helping organizations recover in the event of a data breach.”
Due to the internal nature of breaches within the industry, it takes health organizations over eight months on average to realize any information has been compromised. Coalition’s consistent monitoring of network and information security condenses an organization’s response time significantly.
Extortion is another major risk these companies face, as ransomware accounts for over two-thirds of malware incidents in the industry. Coalition’s policy covers the costs of response to any extortion incident—including the payment of money, securities, and virtual currencies.
Coalition’s comprehensive offering provides coverage for healthcare organizations in the following areas:
- Cost to comply with an OCR-mandated security assessment and program, as a result of a security failure or data breach that violates HIPAA privacy and security rules
- Restoration of digital assets, including sensitive patient information
- Business interruption from cyber attacks against the insured or their suppliers
- Funds transfer incurred from a security failure or social engineering attack
- Costs to respond to an extortion incident, including money, securities, and virtual currencies paid
- Costs to replace computer systems and other technology damaged in a cyber attack