October is National Cybersecurity Awareness Month
Telehealth and telemedicine utilization experienced a significant uptick in response to the COVID-19 pandemic, with usage continuing at an elevated rate – making it a prime opportunity for cyber criminals and bad actors.
Telehealth and telemedicine cybersecurity and fraud risks can take a variety of different forms, from phishing schemes and distribution of malware to elaborate, large-scale fraud operations.
In July, the Health & Human Services Office of Inspector General (OIG) issued a broad fraud alert urging medical professionals to use caution “when entering into arrangements with purported telemedicine companies.”
In September, Blue Cross Blue Shield of Massachusetts (BCBS MA) shared insights into a telemarketing scheme targeting seniors that is deceiving patients, providers, AND payers into unneeded prescriptions and durable medical equipment.
Now, during Cybersecurity Awareness Month, BCS (a top 10 writer of cybersecurity direct premiums written1) is sharing three tips to help manage telehealth cyber security risk:
1. Putting Controls in Place
Beyond establishing policies and procedures related to data security for all levels of your organization, ensure the security of any third-party platforms or vendors as well.
2. Engage Your Top Security Risk
A 2022 Data Breach Investigations Report from Verizon showed that 82% of data breaches involve human error. Consistent, continuous training can help employees remain vigilant.
3. Implement Safeguards
Conduct risk assessments on a regular basis, and have a plan in place for incident response.
Cyber risks are ever-evolving, and ultimately, it is up to businesses to put the best cyber security practices in place, and ensure adequate protection in the event of a breach or event. To learn more about potential insurance needs, and how BCS can help businesses prepare, contact [email protected].
1 US Cyber Insurance – Top 20 Insurers, A.M. Best
Source: Health IT Security & mHealthIntelligence, from xtelligent HEALTHCARE MEDIA
