Cyber protection for hospitals and clinics becomes even more important in the corona crisis
The corona crisis has turned many familiar work processes upside down. This opens a gateway for cyber criminals, and hospitals and clinics are among the targets. As a result, hacker attacks on them are on the increase. An analysis of individual cyber risks and comprehensive protection are therefore essential.
The German Federal Office for Information Security (BSI) is currently observing an increase in cyber attacks related to the coronavirus. The BSI also cites a concrete example: some perpetrators use e-mail to ask companies to disclose company-related data on fake websites. The perfidious part: the cyber criminals pose as institutions where emergency aid funds can be applied for.
Warning to medical institutions
In this context, hospitals are now also increasingly being targeted. This was reported by the Handelsblatt, a German newspaper which is in possession of internal papers from security authorities. Criminals are said to have called on the federal government to pay ransoms in the millions to ward off attacks by hackers on health care facilities. In addition, the criminal police organization Interpol has issued a warning to medical facilities, as the Handelsblatt further states.
The health care system is a supposedly easy target. The exceptional situation in the corona crisis is most evident here, and the stress is immense. In such cases, employees can quickly become careless. People who might be working from home for the first time without much instruction are also more susceptible. And considerably more money can be earned with patient data than with credit card information, for example. Last but not least, the expansion of IT features in the health care sector offers hackers more and more points of access.
Precious Patient Data
Patient files are more valuable on the dark web than credit card information
But criminal attacks are just one of the many cyber risks that hospitals face. The ‘IT-Grundschutz’ from the German Federal Office for Information Security lists over 650 risks, for example. Issues such as technical problems, incorrect operation, employee sabotage and faulty programming are often overlooked.
High damage potential in the event of a data breach
Cyber damages can be incurred at different levels:
- through the loss of trust
- through the loss of integrity
- through the unavailability of data and IT applications
Dario Koch, Member of the Management Board of Funk Hospital, Funk’s special insurance broker for hospitals and medical and social services, says, ‘We see one of the greatest potential points of damage in the area of data breaches and the costs associated with that.’ Under the new EU General Data Protection Regulation, clinics not only have to meet certain reporting obligations but are also liable for immaterial damages when a hospital file is lost, for example.
‘If we calculate a cost of ten euros for each lost or stolen data record in a hospital with over 500,000 patient files, then the damages for the hospital already soar to five million euros,’ Koch illustrates. And in reality the damages could be much higher. After all, a Ponemon Institute study showed that the average cost per data record containing sensitive information in the healthcare sector was 325 euros.
In addition to data breaches and the associated costs, another huge risk is the unavailability of data and IT systems. For clinics, the unlimited availability of data and IT is essential for smooth and safe operations.
Risk transparency with the cyber risk analysis
Clinics should know their individual cyber risks. Funk helps hospitals and clinics identify these with an on-site cyber risk management workshop. At the end of the workshop, the clinic receives a risk report with the identified risks, an estimate of the monetary consequences based on existing measures, and recommendations for risk protection. The analysis also offers important information for creating an emergency or business continuity plan and provides a well-founded basis for a tailor-made insurance solution.
Extended cyber insurance for hospitals and clinics
Most cyber insurance policies are limited to protection against cyber crime. But it is also especially important to pay attention to the ways that problems and insured risks interact and affect each other and the performance elements set out in these cyber policies.
As the market did not offer a satisfactory insurance solution, Funk developed its own cover scheme for its clients, which goes far beyond the market standard. Funk CyberSecure offers first party loss cover that protects against cyber crime as well as damages due to technical problems, incorrect operation or programming, employee sabotage and mandates from regulatory bodies.
Performance elements of Funk CyberSecure
The model has been specially designed with hospitals in mind, is modular and offers cover both for third-party claims and first party loss. And since many cyber attacks are difficult to prove after the fact, Funk’s cover shifts the burden of proof from the policyholder to the insurer. The hospital is saved the stress of struggling to find evidence when its IT forensics team cannot find proof of the cause of a claim. Instead, the insurer must prove that the damage has occurred due to an uninsured issue. If the insurer cannot prove this, the claim is considered covered by the insurance.
What’s more, with Funk CyberSecure the percentage share is not charged for service and consultancy costs. Plus, costs up to 100,000 euros are even covered if it is determined after the fact that the damages were due to an uninsured risk.
Dario Koch: ‘Cyber insurance was already recommended before the corona crisis, because the healthcare system is becoming more and more digital and this entails risks. These risks have now become even greater. With all the current challenges, hospitals and clinics should therefore not forget cyber protection.’