A - Cybersecurity Update: Vendor Interruptions and Business Continuity Planning

2024 has been the year of Vendor Data Breaches. This presentation provides an overview of high-profile cyber incidents experienced by third-parties (e.g., Ann & Robert H. Lurie Children’s Hospital [Jan 2024]; Change Healthcare [Feb 2024]; and Integris Health [Nov 2023]) that resulted in an indirect impact to Healthcare providers (and their patients) in 2024.
Followed by a high-level explanation of the differences between cyber incidents that directly impact healthcare providers – and would potentially trigger coverages under cyber insurance policies – versus incidents that indirectly impact healthcare providers – which would require further business continuity planning.
In discussing direct incidents, I’ll address Cybersecurity best practices and tips, the incident response process (in the event a direct incident occurs), and a deeper dive into the types of insuring agreements found on cyber insurance policies.
For indirect incidents, I’ll address the importance of business continuity planning and questions providers should consider when creating a business continuity plan.