Suffer a breach? 5 ways to prevent an FTC lawsuit

  • Small
  • Medium
  • Large

The Federal Trade Commission is now permitted to investigate companies and potentially charge them with unfair trade practices for failing to protect consumers from online data theft in the event of a cyberattack. This has obvious ramifications on the healthcare industry, as hospitals, health systems and payers are key targets for cybercriminals.

Here are five steps for CIOs to take to help reduce the risk of an FTC lawsuit in the wake of a data theft incident, as offered by the Wall Street Journal.

1. Comply with the National Institute of Standards and Technology's "Framework for Improving Critical Infrastructure Cybersecurity." According to the WSJ, this framework is becoming the accepted standard for cybersecurity regulators. "If accompany can demonstrate to the FTC that it has implemented the Framework, it may help to persuade the FTC that there are no grounds to file a complaint," according to the report.

2. Update data and privacy policies. While all companies have data privacy and security policies, they may have been written years before current standards and practices. Updating them to be in line with modern cybersecurity requirements is a good idea.

3. Hire a third-party consultant to conduct an annual data security review. Almost all IT consultants also offer a cybersecurity practice, which CIOs should make use of to perform an annual review, update company security to comply with recommendations and confirm that the company is using the most recent security processes and protections.

4. Include the risk manager. It's important for the risk manager to also be aware of and document the company's compliance with cybersecurity steps, according to the report.

5. Obtain cybersecurity insurance. General liability insurance policies typically don't include cybersecurity risks, according to the report. Ensuring a cybersecurity policy provides necessary coverage can help mitigate the consequences of a cyberattack, according to the report.

More articles on data breaches:

UCLA Health notifies patients of compromised data following laptop theft
19 latest health care data breaches
The cost of a healthcare data breach

Copyright © 2021 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars