You might be insured against theft, but what about the thieves that gain access to your practice via your computer systems?
“We never thought it would happen to us”….the haunting end to many a cautionary tale, often related, with the benefit of perfect hindsight, by the victim of a crime. It’s likely Disraeli’s words “We are prepared for the worst, but hope for the best” were ringing in the victim’s ears. Of course, we don’t operate our businesses based on hope, we will likely have well thought out short, medium and long-term plans, and targets and a detailed roadmap to achieve them. Can we all say the same about our preparations for a worse case scenario?
In a 21st century dental practice, loss of electronic data on patient records and/or appointment logs will feature highly on anyone’s list of worst case scenarios. Cyber crime is becoming increasingly commonplace, spawning a whole new vocabulary, ‘Hacker’ no longer conjures up images of a poor golfer, ‘Trojans’ no longer only appear in classical literature and ‘Phishing’ is not angling by another name. Recently the ‘Wanna Cry’ attack on the NHS, and the Equifax security leak, have brought the threat much more firmly into the public’s consciousness.
Industry regulators, specifically the Information Commissioners Office (ICO) are becoming more aware of the threats, and particularly with the need to protect against them. Data breaches can see fines of tens of thousands of pounds levied. They may also request you tighten up procedures to ensure data is held securely and measures are taken to prevent the recurrence of similar hacks.
The nature of the crimes can vary. One common approach is for the hacker to take control of a network and deny access to the legitimate users. This gives the criminal ‘carte blanche’ to access, copy and corrupt data without fear of being ‘caught red handed’. Ransom ware can hold data ‘hostage’ and released it back to its rightful owner on payment of a ransom. Even payment of the ransom doesn’t guarantee the data hasn’t been illegally shared or copied. Instances of phishing are becoming increasingly sophisticated, and the laundering of receipts so complex that returning the fraudulently acquired funds can be a lengthy process.
Less tangible, but as important, if not more so, is the damage to a practice’s name if data is lost and circulated maliciously. A reputation built up over years of honest, diligent patient care can be lost overnight.
Whilst we don’t want to paint too bleak a picture of the world ‘out there’, and to borrow a phrase from BBC’s ‘Crimewatch’, “don’t have nightmares”. In fact, to help you sleep at night, it is possible to ensure you have some level of protection against a nightmare scenario by purchasing a Cyber Liability Insurance policy. Policies cover claims against a practice, legal costs and statutory fines. Flexing the policy can provide further protection against damage to hardware, data corruption, costs of reinstatement, data breaches, financial fraud and loss of income. Naturally costs of policies vary, depending on the precise level of cover required, and a range of other factors, for example the size of the practice and its databases.
FTA Finance have over 25 years of experience in working in the healthcare sector. The team are dedicated to providing the right service for each individual practice, catering for that practice’s specific needs. The team are able to offer experience and advice to help your practice choose the right policy for you; your circumstances are unique and the team recognise this in their approach with you.
Author: David Brewer