Hiltz & Associates Blog
Fraud, Embezzlement and Risk in the Dental Office
#2 in our series of #TIPS intended to help you deal with fraud, embezzlement, waste, and abuse in your dental practice.
Don’t fall short. Greater risk requires higher coverage.
When you renew your practice’s business insurance policy this year, we recommend you increase or extend your current coverage to include “Employee Dishonesty” and “Cyber Security” insurance.
Employee Dishonesty coverage helps pay for losses caused by employee financial misconduct and Cyber Security coverage helps pay the costs incurred if your computer systems are hacked or patient data is otherwise lost, stolen, or compromised.
Employee Dishonesty Insurance
When people have access to other people’s money there is an inherent fraud risk and sooner or later, history has shown that someone will take advantage of an opportunity.
Dental practices are particularly vulnerable to employee theft, and to be protected from the financial loss that dishonesty will cause, we recommend you obtain a minimum of $50,000 in dishonesty coverage.
Employee Dishonesty insurance is not a separate insurance policy. It is included as part of a “basket” of various forms of coverage in your business insurance. Many offices may have some Employee Dishonesty coverage and not even know it.
Note: my own experience shows an alarming number of dental offices DO NOT have employee dishonesty coverage.
Check your business policy and ask your insurance broker or agent for details.
Cyber Security Insurance
It’s relatively new, and this digital millennium, you need it.
When working with protected health information, your practice is responsible for the security and privacy of a patient’s data. While many think their general liability insurance has them covered, most policies offer little or no protection against a data breach so I strongly recommend you extend coverage to include a broader range of cyber liability risks.
Without proper Cyber Security coverage, the financial impact could prove devastating to your practice.
Consider these costs:
- Notifying regulatory agencies and local media outlets
- Loss of staff time and productivity
- Loss of revenue
- Damage to your reputation
- Civil lawsuits by patients
- fines and penalties (healthcare privacy breach)
Depending on your insurance company and policy, Cyber Security Insurance will cover your practice for:
- Unauthorized access to, use of, or tampering with data (former employee or contractor steals data)
- Disclosure of confidential data (privacy breach)
- Loss of data or digital assets (malicious or accidental)
- Introduction of malicious code or viruses
- Cyber extortion or terrorism threats (ransomware)
- Regulatory action, notification, and defense expenses
- Crisis management and public relations expenses
- Data and system restoration
Here are a few questions to ask yourself and your broker when buying Cyber Liability Insurance
- How many records containing personal information does your practice retain or have access to? (patients and employee records)
- How many records containing sensitive commercial information does your practice retain or have access to? (bank passwords, credit card information, merchant services, supplier accounts, etc))
- Can you put security controls in place that will reduce your premium?
- Does your practice need to encrypt all portable media and computing devices?
- What about unencrypted media in the care, custody or control of a third-party service providers?
- Will you be able to you make a claim if you did not detect an intrusion until several months or years had elapsed?
Here are some insurance companies that offer cyber insurance for dentists.