Legalization of cannabis has grown in popularity due to the recreational potential for some. People like the idea of being able to partake in cannabis freely after a long day, or before a night out, similar to the way we freely consume alcohol. For others, cannabis has the potential to help with all sorts of medical conditions from arthritis to cancer. Many states have legalized cannabis through the mechanism of medicinal use. The medical use requirement means that those facilities providing cannabis fall under the umbrella of medical facilities. These medical facilities are required to keep patient records, patient data, possibly insurance information, payment information and more. These facilities are the prime targets for cyber criminals who can exploit network weaknesses and expose cannabis businesses to a data breach.
A data breach is an incident in which sensitive, confidential, or other private date is accessed and/or disclosed in an unauthorized fashion. Data breaches may involve personal health information, personally identifiable information, trade secrets or intellectual property. A company that stores this information such as a medical cannabis provider is legally liable for the protection of this personal information. It is important to have proper security measures to protect the data, but cyber criminals are persistent therefore you’ll need additional protection. Data breach insurance is that additional protection. Marijuana data breach insurance protects business owners from legal liability resulting from this type of breach, whether the information is leaked electronically or by some other means such as a paper file.
Over an eight-year span, healthcare organizations reported 2,149 data breaches affecting 176.4 million records to the federal government, with almost every year bringing an increase in privacy incidents, according to new research.
To conduct their research, they examined all data breaches compiled by the U.S. Department of Health and Human Services Office for Civil Rights from 2010 through 2017. They found that, aside from 2015, the annual data breach tally increased each year, rising from 199 in 2010 to 344 in 2017.
Under the law, healthcare organizations that handle protected health information must report breaches of a certain size to the federal government. But that does not mean that every data breach gets reported or included in the count.
The size of each breach ran from 500 to 78.8 million patient records, with a median of 2,300 records and a mean of 84,456, according to the findings.
Healthcare providers were hit the hardest, reporting 1,503 data breaches that compromised 37.1 million records during the period in question. The number of incidents made up 70 percent of all data breaches included in the tally.
But health plans, which reported 278 data breaches, reported 110.4 million exposed records, or 63 percent of the pie, according to the findings.
Although most healthcare data breaches focused on paper or film, the 410 breaches that emanated from network servers bared 139.9 million records, nearly 80 percent of the total.
Even the best network security systems can be hacked or compromised in some way shape or form. Often the compromise is due to human error such as opening and clicking on links in a phishing email or inadvertently providing access to an outside threat. There are a number of variables that a business owner or cannabis medical provider can’t anticipate, which is where cannabis data breach insurance becomes necessary. Business owners should work with an experienced cannabis insurance specialist like Eric Rahn of S2S Insurance. As always all polices are subject to policy limits and should be reviewed with a cannabis insurance specialist and your attorney.