About Us

Message from the Chair

Tamara Fountain MD, OMIC Chair

“We value your security and are committed to protecting your financial health,” thus said the letter accompanying a new credit card I received not too long ago.

In response to another major retailer cyber hack, my bank had taken the liberty of not only replacing the plastic of its millions of card holders but changing the account numbers as well. Despite the aggravation of alerting all my autopay accounts, I did take some comfort in another layer of protection for my financial information. It made me wonder, do I have the same level of comfort when it comes to the security of my practice’s information? The answer to that question is a little more complicated.

It used to be that the greatest external threat to the security of my practice might be a natural disaster. Fire and flood almost seem welcome compared to the vulnerabilities we face today in our interconnected, virtual world. You don’t have to lose an EMR laptop or have a server stolen from your office (though both have happened to our insureds) to put patients’ privacy at risk. Hackers on the other side of the world can breach firewalls and wreak havoc on your practice and its reputation.

It’s not just larger institutions like hospitals that have experienced these breaches either. OMIC has received approximately 50 reported claims related to cyber breaches. Practices may be targeted by a disgruntled employee or simply chosen at random by hackers who are now moving down the food chain as larger institutions beef up their cyber defenses.

None of this is surprising when you consider that your patients’ medical information is worth 10 to 20 times more to criminals than a credit card number on the black market. Names, birth dates, policy numbers, diagnosis codes, and billing information are collected by fraudsters to create fake IDs that can be used to buy and resell medical equipment and drugs. Patient identification data can be combined with false provider numbers to file phony claims with various insurers.

As healthcare providers, we must disclose breaches of unsecured data to comply with HIPAA and HITECH requirements. This may include contacting each of our patients to explain what happened. We also must get our systems back up and running and will be expected to help our patients protect themselves from further harm by purchasing credit monitoring services or providing some other remedy. We also may face fines or penalties.

OMIC recognized these external threats long before most other carriers and, 17 years ago, added benefits to the standard professional liability policy to help pay for several non-patient care professional liabilities. The Board voted unanimously last fall to double the amount of this coverage to $100,000 per policy period. You’ll be glad to know that this additional coverage comes at the same low price of FREE for our insureds. Learn more at www.omic.com/policyholder/benefits/.

Although I’m still a little concerned I may need to deal with one of these regulatory issues or cyber breaches in the future, I do take comfort in knowing that my OMIC policy is there to help me when I need it.

TAMARA R. FOUNTAIN, MD, OMIC Board of Directors