As far back as 2013, insurers were warning about the exposure that hospitals and providers had related to medical professional liability from attacks on medical devices and software.
In the rush of daily life, it’s easy to forget how many incidents and warning flags have emerged in only the last five years. In looking at them in aggregate, it’s clear that these risks can impact organizations’ liability for care and services.
It’s arguable that cyber risks present a new form of medical professional liability for healthcare delivery organizations. Providers need to review the vulnerabilities that have been discovered in the past five years and then commit to action to protect themselves.
In 2013, the Hartford published an industry perspective on the impact of changes in enforcement possibilities for the Office for Civil Rights (in HIPAA because of the HITECH Act) and the Food and Drug Administration. The Department of Health and Human Services extended privacy and security rules to business associates, and the FDA issued guidelines to ensure appropriate safeguards to reduce the risk of the compromise of confidentiality, integrity and availability for…
