In recent years, healthcare facilities throughout the United States have faced an onslaught of cyber threats, particularly during the coronavirus pandemic. A single data breach can result in millions of dollars in losses; a nursing home data provider in Wisconsin experienced a $14 million dollar ransomware attack at the end of 2019 – one of only dozens of such attacks reported by the long-term care sector. While nursing home insurance is a critical component of risk management, understanding the risks associated with cyber criminality and the role of cyber liability insurance can reinforce the protection of facility assets from expensive losses.
$14 Million Dollar Ransomware Attack
In December 2019, Virtual Care Provider Inc. (VCPI), a prominent Wisconsin-based data provider for nursing homes and skilled care facilities, experienced a data breach that affected over 100 individual nursing home facilities. In the attack, criminals took control of critical computer systems and demanded a $14 million ransom to return the systems to the company. The attack resulted in a widespread halt to crucial business functions, including:
- Electronic billing
- Payroll management
- Internet and email services
- Medication ordering
- Electronic patient record management
- Telephone services
VCPI manages over 80,000 computers and servers for nursing homes in 45 states; while not all of the computers were affected, the sophisticated attack left sensitive business and patient data at risk of complete loss. Nursing home insurance is often ill-equipped to protect long-term care facilities from the expenses associated with cyber criminality unless specialized cyber liability coverage is part of the insurance solution.
Risks in Nursing Home Computer Security
Healthcare operations around the world have turned to computers to improve efficiency and to better manage patient care delivery. Unfortunately, nursing homes lag behind their hospital and clinic counterparts in terms of cyber security; as a result, these facilities are increasingly being targeted by criminals. A breach can mean expensive losses for a nursing home facility, including the costs associated with:
- Forensic analysis and data recovery
- Consumer notification and credit monitoring
- Legal liabilities
- Regulatory fines and penalties
- Crisis management/public relations
Patient safety is also at risk when a nursing home is attacked by cyber criminals. If computer networks are compromised, medication and treatment records may not be accessible, potentially putting nursing home residents in harm’s way. This alone should be sufficient incentive for care facilities to improve their efforts at protecting mission-critical computer networks from criminal activity.
Protecting Nursing Home Facilities from Cyber Attacks
Faced with an uptick in criminal attempts to steal sensitive business and patient data, nursing homes must step up their efforts to prevent this activity. For smaller facilities without dedicated IT professionals on staff, third-party computer security services are available. As with the 2019 Wisconsin ransomware attack demonstrates, even these services are not infallible. To prevent business damage from cyber attacks, nursing homes can:
- Implement training programs for staff, helping them to recognize common attacks like ransomware, malware, and phishing attempts and to improve computer security practices.
- Invest in the software and hardware needed to prevent unlawful intrusion into computer networks.
- Engage in data backup plans and storing backups off site.
- Tighten security on connected devices, including those used by remote workers, facility residents, and visitors.
It is important to remind clients that specialized cyber liability insurance is available to protect against these financial risks. Such insurance supplements the protection of nursing home insurance, offering a comprehensive risk management that blankets the facility, its staff, and its assets with robust coverage.
About Caitlin Morgan
Caitlin Morgan specializes in insuring assisted living facilities and nursing homes and can assist you in providing insurance and risk management services for this niche market. Give us a call to learn more about our programs at (877) 226-1027.
Social Title: Cyber Criminals Target Nursing Home with a $14 Million Ransomware Attack
Social Description: A recent ransomware attack on a nursing home company put financial assets and patient safety at risk. The attack also highlighted the value of nursing home insurance, including cyber liability coverage.