In a recent Bloomberg BNA Privacy & Data Security newsletter article, Locke Lord Partner Elizabeth Tosaris examined the steps insurers could take in order to craft a comprehensive security plan to ensure safety against a cyberattack.
In the article, “A Guide for Insurers on Creating and Maintaining a Cybersecurity Plan,” Tosaris inspects the framework for a cybersecurity plan, with special focus on insurers who hold health data. Insurers’ confidential information typically includes names, Social Security numbers, and may also include Medicare numbers and health condition and treatment histories. With so much information aggregated in one place on each individual, there is the potential for a higher return when that information is stolen and sold and because the theft of health data is not as quickly discovered as financial fraud a breach for can have a lasting effect if it leads to a person’s medical history containing false information, she notes in the article.
Tosaris provides hallmarks of a successful cybersecurity plan, compliance with current security and data laws, tips for strong IT systems and steps to be taken in event of a breach. The guide provides a valuable analysis of the creation and maintenance of a plan, one of the most pressing concerns for every insurer doing business in the U.S.
Tosaris’ complete article is available here.