Cyber risks aren’t abating
The industry needs to double down on its protections against worsening cyber intrusions in 2025. The costs go beyond criminals’ ransom demands. They can shut down entire processes and systems in a healthcare network, as the Ascension ransomware attack
showed. Not just immediate patient care was jeopardized, but lab tests were delayed and lost. The reversion to paper record-keeping risked medical and prescription errors.
Ad Statistics
Times Displayed: 21862
Times Visited: 433 Stay up to date with the latest training to fix, troubleshoot, and maintain your critical care devices. GE HealthCare offers multiple training formats to empower teams and expand knowledge, saving you time and money
Mitigation policies are a must to have in place and practiced, required to secure cyber insurance coverage. Two-factor authentication is a given, and so are strong controls over email and social media use. Insurers also are requiring:
Thorough contingency plans for managing an intrusion
Improved cybersecurity for new tools and software, and documenting that third-party vendors have and practice proper security protocols
Regular staff training on cyber safety requirements and practices to avoid intrusions by cyber criminals
The question of resiliency in 2025
Healthcare organizations may find it difficult to strengthen their resiliency in the year ahead. Beyond entrenched and emerging business and economic challenges, other issues can be even more difficult to manage.
Take acts of God. Global heat waves, wildfires and wind and rain storms have shown that climate change and its risks to people and operations are real: economic losses to the global health system are projected to reach $12.5 trillion by 2050. Compliance risk is another concern, especially with state-level abortion restrictions, compounded by questions over the future of fertility treatments.
It’s affected the insurance marketplace. Property-casualty, liability and catastrophe coverage are now settling down after years of double-digit increases. Medical professional liability rates could rise by over 15% in 2025, as these carriers have been unprofitable. Plus, the prevalence of nuclear $10 million-plus verdicts has underwriters hesitant to fully cover liability for one client.
Now’s the time for the industry to move toward enterprise risk management (ERM) in order to achieve long-term resilience. It’s key to review the fundamentals of what’s insurable and what can be retained or transferred. More important: by assessing and managing the scope of potential risks, organizations grow more resilient. And underwriters look more favorably on them as a result.
About the author: Pete Reilly is the practice leader and chief sales officer of global insurance brokerage Hub International’s North American healthcare practice. In this role, he directs and coordinates HUB’s healthcare planning, growth and strategic initiatives. He also works with other leaders and experts within HUB to develop and introduce proprietary products that will help healthcare organizations and providers across the care delivery spectrum.Back to HCB News
