Admin costs ‘the tip of the iceberg’ for healthcare organizations hit by cyber attacks

by | Mar 6, 2023

With increased patient mortality rates for 23% of organizations hit by cyber attacks, the looming threat of medical malpractice claims far outweigh any other costs.

  • Healthcare providers are increasingly being targeted by cyber criminals for patient data, causing disruptions to hospital operations and an increase in patient mortality rates.
  • 57% of surveyed organizations experienced poor patient outcomes and nearly half had increased complications from medical procedures due to cyberattacks
  • Cyberattacks are costly, with the just one attack, on Universal Health Services in 2020 costing $67 million when a cybersecurity incident caused ambulance traffic diversion and scheduling of patient procedures at other facilities
  • A Ponemon Institute study surveyed 641 healthcare, IT and security practitioners, finding that 89% of organizations had a cyberattack in the past year, with an average of 43 attacks per organization.
  • Common cyberattacks, including cloud compromises, ransomware, supply chain and business email compromises, led to increased patient mortality rates for 23% of organizations, costing $4.4 million, including $1.1 million in lost productivity.

The Ponemon Institute study, that was conducted in 2022, revealed that over 20% of healthcare organizations reported increased patient mortality rates following a cyberattack.

The study also indicated that delayed procedures and tests, as well as longer patient stays, were the most commonly reported consequences of cyberattacks. Ransomware attacks had the most significant impact on patient care, with 64% of organizations reporting procedure or test delays and 59% reporting longer patient stays.

Healthcare providers are increasingly targetted due to the wealth of sensitive patient data they hold, leading to attacks that disrupt hospital operations and patient care. For example, a cyberattack at Tenet facilities in April 2020 disrupted acute patient care, while Universal Health Services experienced a similar incident that cost the chain $67 million in the same year.

medical emergencies result from cyber attacks

Cyber attacks disrupt hospital operations and patient care leading to increased mortality rates for many healthcare providers.

The most common cyber attacks were cloud compromises, ransomware, supply chain attacks, and business email compromises, which resulted in increased patient mortality rates for 23% of the organizations. The study found that cyberattacks led to poor patient outcomes for 57% of those surveyed, with almost half reporting increased complications from medical procedures.

The cost of the most expensive cyberattack experienced in the study averaged $4.4 million, with $1.1 million in lost productivity. The study recommended organizations implement training and awareness programs, as well as employee monitoring, to mitigate the risk of attacks, as careless and negligent employees pose a significant threat.

 Far-reaching effects on the healthcare industry

The consequences of cyberattacks on healthcare organizations could have far-reaching effects on the industry, potentially leading to a loss of patient trust, damage to reputation, and increased medical malpractice claims.

With increased awareness of cybersecurity risks, patients may hold healthcare organizations responsible for failing to adequately protect their sensitive information. Furthermore, cyberattacks can lead to delayed or improper medical treatment, which could result in medical malpractice claims if the patient is harmed as a result.

In light of these risks, the importance of cyber insurance cannot be overstated.
Cyber insurance can help healthcare organizations mitigate liability by providing coverage for losses resulting from cyber incidents, including those arising from data breaches, business interruption, and liability claims. Insurance companies can also help clients reduce risk by providing risk assessment and mitigation services, such as employee training and awareness programs, and security monitoring.

The healthcare industry faces significant challenges in protecting sensitive patient data from cyber threats. Healthcare organizations must prioritize cybersecurity risk management to prevent disruptions to hospital operations, poor patient outcomes, and increased medical malpractice claims. Investing in cyber insurance and risk mitigation services can help organizations reduce liability and protect against the financial and reputational damage of cyberattacks.

About Dale Nelson

Dale has worked in the insurance industry since leaving college, specializing in the healthcare niche. He has developed long-term relationships with insurance carriers and retailers in the Medical Professional Liability area. Dale has worked with carriers, retailers and brokers and so works effectively at helping agents solve problems for their clients.
More about Dale Nelson

other articles that may interest you

Social Media presents an deluge of challenges for Medical Facilities

Unacceptable behavior by physicians and healthcare professionals is on the rise, corresponding with increased attacks on physicians by patientsLive streaming of surgical procedures, particularly plastic surgery has become increasingly popular in recent years and while...

Could the technology behind Bitcoin help secure medical records?

Cyber security is a growing problem for healthcare providers, who often struggle to keep the records of their patients secure. Cyber insurance coverage is not generally mandated by law and many healthcare organizations remain uninsured, even though laws and...

Agents should work with a good medical malpractice broker

Just another mouth to feed is possibly the first thought when considering the use of a wholesale broker, and in many instances there is an element of truth to that. When you set out working as an independent agent, as with any other field, there is a temptation to “do...

A lesson in Liability Insurance for Chiropractors

A visit to the chiropractor for a 32-year-old patient in Georgia recently led to a $75 million medical malpractice verdict. The claim related to emergency treatment the patient received after collapsing with a brainstem stroke, resulting from chiropractic manipulation...

Liability mitigation is essential for senior living facilities

The senior living industry is under the microscope as more and more people are affected by COVID-19. With two million of America's most vulnerable people currently in senior living facilities and nursing homes, it is essential that the industry looks seriously at...

the impact of social inflation on insurance premiums

Social inflation is a buzzword insurers use to explain the rising costs of insurance claims resulting from primarily increasing litigation arising from more plaintiff-friendly legal decisions and larger compensatory jury awards. While many industry experts put it down...

Senior Care Facilities Rethink Operations post COVID-19

With workers in elder care facilities leaving the industry in droves, assisted living and skilled nursing facilities continue to face pandemic problems. A Morning Consult poll from September 2021, found that 20% of healthcare workers quit during the pandemic, while...

GenStar™ – Stability in an uncertain market

The healthcare industry has been rocked with more change in the last two years than we've seen in decades, which has led to uncertainty for insurers. The pandemic and the associated implementation of government policies left many people with negative perceptions of...

insurance for hospitals

Hospital Insurance typically covers all or part of the potential liability for hospital services. It includes medical malpractice, accidents involving hospital employees and equipment, care during surgery or any other invasive treatment, after-hours care arrangements by staff who need help with their children and more.

insurance for long term care facilities

Long term care facilities must protect themselves against potential liability arising from incidents within their facility. Westwood can help you negotiate a package tailored to your long term care facility client.

insurance for physicians

The different types of insurance for physicians includes medical malpractice insurance, professional liability insurance, errors and omissions insurance, an umbrella policy, and professional indemnity. As a physician, you should have access to all of these types of insurance.