HIPAA Breach Insurance

Healthcare data breaches can be extremely costly, the costs associated with breaches can sometimes be detrimental to small healthcare practices, forcing them to close their doors. HIPAA breach insurance can mitigate the cost of healthcare breaches, however, it does have it’s limitations. HIPAA breach insurance is discussed below.

What is HIPAA Breach Insurance?

What many companies refer to as HIPAA breach insurance is simply liability insurance. This insurance covers $100,000 in costs associated with breaches, however, the insurance does not cover you if your organization is not HIPAA compliant.

HIPAA breach insurance may be used for:

  • Forensic investigations
  • HHS fines
  • Lawsuit fines
  • HIPAA fines
  • Regulatory fines/penalties
  • Customer notification costs
  • Upgrading devices for future security

Although insurance exists, they only cover a fraction of the costs associated with breaches. The Ponemon Institute conducted a study in regards to data breaches, and found that the average cost of a data breach is $3.92 million.

The following are costs that may occur as the result of a healthcare data breach:

  • HHS Fines: up to $1.5 million per violation, fines are broken down into tiers based on perceived negligence. 
  • State Attorney General Fines: States have the authority to issue fines for breaches affecting residents of their states. State Attorney General fines range from $150,000 – $6.8 million per incident.
  • Federal Trade Commission Fines:  $16,000 per violation
  • Class Action Lawsuits:  $1,000 per record
  • Breach Notification: One requirement for organizations that experience a breach is notifying affected individuals. Depending on the scope of the breach, notifying patients can be costly. In one such situation, AMCA had to file for bankruptcy after it cost them $3.8 million to notify 7 million patients of the breach.
  • Credit monitoring for Patients Affected: The HHS requires organizations that experience breaches to offer victims free credit monitoring for a year following the incident. This costs $10 – $30 a month per individual.
  • Reputational Damage: some organizations experience a loss of 40% of their patients after experiencing a breach

To learn more about the costs of healthcare breaches please click here.

To learn more about limiting the cost of data breaches please click here.

Compliancy Group HIPAA Breach Insurance

As part of our HIPAA compliance program, Compliancy Group offers a type of HIPAA breach insurance, also referred to as liability insurance. This insurance covers the costs associated with breaches. In addition to the HIPAA breach insurance, we offer clients full audit support if you are subject to a HIPAA audit. We will provide you with all of the documentation you need to prove your good faith effort towards HIPAA compliance.