Why healthcare remains a prime target for ransomware attacks

With over 1,700 incidents in a year, experts warn of life-threatening disruptions

By Kenneth Araullo

Cybersecurity challenges in the healthcare sector are intensifying. In recent years, the industry experienced over 1,700 cybersecurity incidents – a sharp rise from 1,378 the previous year. 

These incidents have spanned a range of provider types, including radiology services, pharmacies, and medical transport firms, highlighting the broad vulnerability of the sector’s digital infrastructure. 

Dr. Anjali Camara, senior vice president at Amwins in Chicago, said the sector continues to draw the attention of cybercriminals due to the value and sensitivity of the information it holds, as well as its reliance on interconnected systems. 

“Healthcare remains a primary target for cyber and ransomware attacks,” she said. 

Camara explained that many attacks involve tactics like phishing, ransomware, and malware, which can compromise critical systems and sensitive data. But beyond the theft or exposure of information, she noted the potentially life-threatening implications of operational disruptions caused by ransomware. 

“A ransomware attack that shuts down systems has the potential to not only delay critical care, but result in missed medication, incorrect dosage and even loss of life,” she said. 

She emphasized that such events can ripple across an organization, affecting both clinical services and administrative functions. As a result, the need for strong cyber hygiene and a prepared response framework is more critical than ever. 

“Businesses should adopt cybersecurity measures, including employee training, incident response plans and purchasing a cyber insurance policy,” Camara said. 

Evolving coverages against emerging threats 

According to Camara, cyber insurance has emerged as a foundational component of any organization’s defense. Coverage typically includes financial protection related to data recovery, legal costs, and liability claims resulting from breaches. But increasingly, policies are offering additional support before an incident even occurs. 

“Policies often provide resources for risk management, incident response planning and access to cybersecurity experts to help mitigate future threats,” she said. 

She pointed out that while insurance coverage is key, it must be paired with internal controls and proactive strategies to minimize exposure. 

“At the heart of the healthcare industry is patient safety. While a data breach can expose patient data, a ransomware attack that shuts down systems has the potential to not only delay critical care, but result in missed medication, incorrect dosage and even loss of life,” she said. 

“That’s why network segmentation is so important,” she said. “Separating patient data, general network and medical device management systems can help prevent breaches and minimize damage.” 

She illustrated this point by referencing the 2023 HCA Healthcare breach, which compromised patient data across 20 states. Camara said the scope of the incident was tied to the interconnectivity of systems. 

“Had these networks not been tied together, access could have been slowed, limited or eliminated altogether,” she said. 

With the increasing availability of AI-driven tools and automated policy enforcement, Camara believes segmentation is now more feasible than in previous years. She also suggested that regulatory pressure may soon make it a requirement. 

“With the proposed 2025 update to HIPAA security requirements, we expect it will ultimately become a standard approach to enhancing network security,” she said. 

Third-party risk is another growing concern in healthcare cyber liability. Camara observed that vendor-related breaches have become more frequent, introducing new vectors for liability and operational risk. 

She noted that it’s not enough to focus only on internal defenses — relationships with external service providers must also be structured with risk in mind. 

“It’s important to require any third party to carry a cyber liability policy,” she said. “It’s also essential to define what information the third party will be handling, including protected health information (PHI) and personally identifiable information (PII).” 

Cyber insurance alone is not enough 

Camara added that cyber policies alone may not be enough to address the full range of exposures healthcare organizations face. 

“Healthcare entities should also consider a suite of specialty liability insurance policies to ensure comprehensive risk protection,” she said. 

She advocated for a layered insurance strategy that includes multiple lines of liability coverage tailored to different risks associated with digital operations. 

“E&O coverage may help mitigate potential losses related to liability from technology failures, billing errors or computer system malfunctions — issues that can disrupt patient care or lead to regulatory scrutiny,” she said. “D&O insurance can protect leadership against lawsuits stemming from decisions made in the course of managing technology investments or responding to cyber incidents.” 

As healthcare organizations continue to digitalize, Camara believes a strategic approach to risk transfer will become more vital. She said that insurance should not be viewed in isolation but as part of a broader operational resilience framework. 

“As healthcare organizations become increasingly digital, having a layered insurance strategy is critical to protecting both operational integrity and organizational leadership,” she said. 

Camara also addressed the upcoming 2025 update to the HIPAA Security Rule, which is expected to introduce new technical controls following the close of the public comment period in March. 

The update will likely include encryption requirements for all electronic protected health information (ePHI), mandatory multi-factor authentication, detailed technology asset inventories, and automated monitoring systems. 

“The 2025 update is expected to include new, mandatory technical controls to help strengthen healthcare cybersecurity,” she said. “We expect the new rules will help to further reduce the risk of cyber security gaps.” 
