Last month, St. Margaret’s Health, a hospital in Spring Valley, Illinois, was forced to permanently close their doors. They attribute the closure in part to a 2021 ransomware attack. The rural hospital had been struggling to stay afloat amidst the Covid-19 pandemic and staff shortages, and the ransomware attack crippled their operations beyond the point of recovery. The attack completely shut down all of St. Margaret’s Health’s computer systems, including email and patient portals, and, for months, were unable to submit claims to insurers, Medicare, or Medicaid.
St. Margaret’s Health is just one of the many healthcare facilities hit by ransomware attacks annually. In recent years, healthcare ransomware attacks have risen dramatically. In 2022 alone, an estimated 290 hospitals were victims of ransomware attacks, resulting in leaked personal data, compromised patient care, and significant financial losses.
According to researchers at the University of Minnesota and University of Florida, the facilities most likely to be impacted by ransomware attacks are clinics, hospitals (like St. Margaret’s), delivery organizations, and ambulatory centers. During a cyberattack, the attackers breach an organization’s computer systems and hold them “hostage,” preventing the organization from doing vital, everyday tasks — like processing payments, accessing patient records, dispensing medication, or managing appointments.
On average, the downtime from a ransomware attack is 23 days. During that time, patients are unable to receive the care they need. Facilities may be forced to delay elective surgeries or scramble to reschedule patients to neighboring facilities. In the case of a rural hospital like St. Margaret’s, however, patients may not have many other options. The scheduling delays or time it takes to travel to another healthcare facility could be detrimental. According to Spring Valley’s mayor, Melanie Malooley-Thompson, the closure of St. Margaret’s could mean some city residents will need to travel up to 30 minutes to reach another emergency room.
As healthcare cybersecurity concerns continue to trend upward, it’s more important than ever that healthcare facilities implement strong cybersecurity controls and practices, including securing adequate insurance coverage. Cyber liability insurance can alleviate the devastating costs of a ransomware attack by offering coverage for business interruptions, data loss recovery, incident investigation, ransom demands, and more.
When it comes to cyber liability, there’s a lot at stake — both in terms of finances and patient care. Jencap’s National Practice Leader of Professional Lines, Deb Dioguardi, explains the importance of retail agents partnering with a specialized professional lines wholesaler:
“A specialist broker, like Jencap, will know what policy forms are better than others — what policy forms, for example, are sublimiting ransomware coverage liability and which are giving you the full limit of liability. Our brokers do thorough policy comparisons on every risk and show our retail partners exactly what their insured is purchasing, along with how to explain it.”
As a leading insurance wholesaler, Jencap offers expertise in professional lines insurance that’s tailored to the specific needs and risks of the healthcare industry. Our broad market reach gives you access to dozens of markets, ensuring that your healthcare clients get the coverage they need. Speak with one of Jencap’s specialists today to get a quote and learn more.