Less Than a Third of Healthcare Organizations are Insured

Veriphyr proactively reports impermissible use of PHI the first time it happens.

Running A Real Risk

Only 30% of healthcare organizations have cybersecurity insurance, according to a 2018 survey by Ovum for FICO. In comparison, 76% of all U.S. firms involved in the survey reported having cybersecurity insurance (a).

This is dangerous for healthcare organizations. Breaches can cost millions, and criminals are motivated. Costs incurred from breaches, which are typically covered by cybersecurity insurance, are: costs of litigation, regulatory fines and penalties, and costs due to business interruption and reputational damage (c).

One of the largest insurers in the United States, Anthem Inc., recently had to pay $115 million in a data breach settlement.

In addition, regulatory fines and penalties could be getting steeper, as new healthcare data privacy laws are being passed.

The 70% of healthcare providers not insured are putting themselves at risk, but the survey suggests a valid reason.


“Only a quarter of surveyed firms said their insurers had set premiums based on an accurate analysis of their company’s risk profile. A majority believed the premiums were calculated on industry averages, inaccurate analyses, or unknown factors”  (a)


However, many firms are confusing insurance with protection.


Be Wary of Overconfidence

In the survey, 68% of US firms report themselves as better prepared for data breaches than their competitors. Canadian firms were the most likely to rate themselves top performers for cybersecurity (b).


“These same IT leaders are undoubtedly keen to believe that the money being spent provides their organization with a better security posture than any other – but the rapid pace of investment, often in point solutions, rarely takes an organization-wide view of security” – Maxine Holt, Ovum research director.


Cybersecurity expert, and Veriphyr advisor,  Steve Katz identifies how healthcare providers can protect themselves against patient privacy breaches.

Data privacy, compliance, confidentiality and security expert for healthcare, Alan Norquist, maps out for the Healthcare Compliance Organization how to detect data privacy breaches.

Veriphyr’s advanced data analytics proactively detects and reports impermissible use of data privacy breaches. With Veriphyr, personal health information can stay protected.



(a) Only 30% of Healthcare Organizations Have Taken Out Cybersecurity Insurance

(b) FICO Survey: US Firms Are Too Confident About Their Cybersecurity

(c) Cybersecurity Insurance Basics For Healthcare Organizations