Why TPAs Need a Cyber Insurance Check-Up
Axis Insurance Services, LLC

Why TPAs Need a Cyber Insurance Check-Up

It is no secret today that all employers are at risk suffering a cyber incident today. When we begin to drill down in the industries that are vulnerable to a cyber incident the number 1 target of hackers is healthcare. Healthcare and all the firms in the food chain that support health care have targets on their backs. The healthcare food chain includes health insurance carriers, hospitals, specialty networks, ASCs, insurance carriers, TPAs and brokers/consultants.

TPAs and ASOs insure over 50% of employers (private, public, not-for-profit, multiemployers). In addition, TPAs and ASOs outsource certain aspects of their day-to-day operations to business associates. From the incredible number of cyber-attacks occurring in the vendor space for TPAs, it's apparent TPAs have to do a better job vetting their vendors. These vendors include UM/CM/DM, to Rx to DPC to Stop Loss, etc. TPAs need to make sure their vendors have at least $5M in aggregate limits. And, depending on the revenue of the vendors, $10M-$15M may be the right limit.

Not all brokers can get you the limits you need. At Axis Insurance Services, LLC, we have strong relationships with our cyber carriers and underwriters. We have built the limits you need with a $3-$5M primary limit and xs layers on top of the primary limit. And xs is follow form which means they follow the primary coverage and sub-limits.

All firms in the health care space are being targeted by Hackers because on the Dark Web they can make a ton more money on PHI than PII. A Hacker can get $250/medical record as compared to $5/PII record, and $1/SSN record. As a businessperson/sales professional, where would you focus your efforts as it relates to meeting your annual revenue targets? Of course, it's a no brainer. Focus on the health care space.

CNA, HUB, Anthem BCBS, Westchester hospitals in Kingston, NY, are firms that all have suffered ransomware attacks. As a matter of fact, ransomware revenue hit an all-time high in 2023. The revenue from ransomware victims that did report the incidents hit $1B for the Hacker community.

Unfortunately, we will continue to see ransomware launched aggressively in 2024. Fileless Attacks, Deep Fakes, and Juice Jacking are the new tools Hackers are using today, and, unfortunately, I do not see MFA and EDR having any impact on stopping the cyber-crime tied to these three tactics.

If you are interested having us provide a free risk analysis on your IT enterprise and /or review your current cyber insurance to make sure you have the right number in limits in place to financially survive a cyber-attack, please call me, Paul Hacker, TheVirtuousHacker, at 845-255-8044 or via my email, phacker@axisins.com.

Until we meet again, TheVirtuousHacker out.

rd PArty Administrators Need to Shore up Their Enterprise

To view or add a comment, sign in

Insights from the community

Others also viewed

Explore topics