Tenet Health is among a handful of healthcare sector entities in the last year to publicly report that cybersecurity incidents have resulted in significant financial losses. In an interview with Information Security Media Group, Partner Peter Halprin explained how Tenet’s financial losses are reportedly being eased through Tenet’s cyber insurance coverage, and how Tenet’s disclosures highlight the increased focus of the Securities and Exchange Commission (SEC) on disclosures relating to cybersecurity incidents.
“Last year, the SEC settled charges against First American Financial Corp. for disclosure controls and procedures violations following the exposure of sensitive customer information,” Halprin said. “Companies will therefore want to ensure that they make appropriate disclosures in relation to such incidents.”
“In the meantime, Tenet’s recent SEC filing related to its April cybersecurity incident underscores the importance of cyber insurance,” Halprin added. “The fact that the claim was within policy limits suggests that Tenet purchased cyber insurance limits in excess of the amount of the [$100 million] unfavorable impact. If so, this would be a classic example as to how cyber insurance can provide bottom-line protection for companies who have been the victims of cybersecurity incidents.”
Read the full Information Security Media Group article here.