Cyber Insurance , Events , Governance & Risk Management

Read the Fine Print: Top Cyber Insurance Considerations

Peter Halprin, Partner at Pasich LLP, on How Cyber Coverage Is Evolving
Peter Halprin, partner, Pasich LLP

It is increasingly important for healthcare entities to carefully examine their cyber and other insurance policies to see what risks are covered in the event of a cyber incident, especially as the threat landscape continues to evolve, said attorney Peter Halprin, a partner at law firm Pasich LLP.

See Also: How Enterprise Browsers Enhance Security and Efficiency

"You really need to read your policy to see what it covers," he said. "Because of the frequency of ransomware attacks, what the insurance industry has largely done is sublimit some of those coverages, so if you have $10 million in coverage, you may only have $5 million for ransomware," he said.

Healthcare entities also need to be mindful about their coverage for cyber incidents that could result in physical harm to patients and others, he said.

"There is an intersection between bodily harm and cyber insurance - or the consequences of a cyberattack that could have impacts for bodily injury, death, harm, etc.," he said.

That includes environmental impacts. "You could see explosions and things getting into the atmosphere outside of a hospital. Maybe they're storing something, and it explodes. There are a lot of different consequences from these cyberattacks," he said.

Halprin said some incidents such as bodily injury claims could be paid under general liability or medical malpractice policies, "but in those cases, entities need to be careful looking for some kind of potential cyber exclusion," he said. "Healthcare clients and entities should be thinking about that and looking at their policies critically to see if the coverage is there."

In this video interview with Information Security Media Group at ISMG's Healthcare Security Summit in New York City, Halprin also discussed:

  • How coverage and exclusions are evolving in cyber insurance;
  • Attribution of attacks to nation-state actors and how that might factor into coverage;
  • Other cyber insurance considerations for the months ahead.

Halprin represents commercial policyholders with a focus on recovery strategies in relation to cyber breaches and cybercrime, natural disasters, professional services, regulatory investigations and technology disputes.

About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.