David Ross & Associates
  • Home
  • Testimonials
  • Join List
  • Blog
  • Contact
  • Critical Event Protection

Letter to the editor: Consequences of cyber theft is dire

7/15/2015

0 Comments

 
Picture
This letter to the editor was published July 13 in the Pottstown (PA) Mercury. Its chilling message reminds us that "data breach is forever."

When it comes to the consequences of cyber theft, have local hospitals, medical practitioners and elected officials turned their backs on the communities they serve?

Earlier this year, The Mercury published a letter in which I described my experience as someone who had personal information, including a Social Security number, exposed as the result of a data systems breach at CHS (Community Health Systems). In the case of this “hack,” I was but one of potentially millions so affected. As no one in a position of authority appeared to have taken it upon themselves to address the consequences of this gross negligence, I took it upon myself to contact Wayne T. Smith, the CEO of CHS. Only one question was posed — Would you kindly advise me when my personal information will no longer be subject to abuse by third parties as a result of the information system breach? It was an unfair question as I knew that until my dying day, the netherworld of identity thieves would likely be privy to that information. For this effort, I was rewarded with a one-year extension of “free” identity theft monitoring (see below for CHS contact information). What remains unanswered is the question of who will bear the long term cost of this monitoring service. An average individual plan unsupported by CHS economies of scale can exceed $200 annually.

Last month, a class action lawsuit brought by 62,000 plaintiffs against the University of Pittsburgh Medical Center was dismissed by a judge in Allegheny County. The data system breach was remarkably similar to that at CHS. In his ruling, Judge Wettick declared that Pennsylvania law imparts no liability to entities that suffer a breach of their security systems other than to provide notice to affected parties.

What one can glean from the Dittman v. UPMC case is that our legislature and governor are very much behind the curve when it comes to addressing the short and long term consequences of cyber theft. One might also conclude that as cyber thefts begin to overlap, it will be problematic for plaintiff attorneys to definitively identify which theft was responsible for actual harm. Of no question is that victims of the CHS breach will incur financial harm if they elect to renew the identity theft monitoring service recommended by CHS if and when CHS ceases to underwrite the service. The risk in not re-subscribing to such a service is that identity thieves typically strike when complimentary programs expire, knowing that most will not be renewed out of a false sense of security.

The costs associated with cyber security and the numbers of those victimized by cyber theft are simply staggering. Investment bank J.P Morgan Chase currently spends $500 million annually on cyber security. The $75 billion market for cyber security services is expected to double within four years. Ponemon Institute research reveals that the average remediation cost associated with an exposed personally identifiable record is $217 for a U.S. company, $398 in the case of an exposed healthcare record. The recently hacked files of 18 million current and former federal employees pales in comparison to the 200 million records exposed in the hack of an Experian Plc. subsidiary. No parties, particularly insurers, have been able to get their arms around the problem given its complexity and scale.

In the near term, local CHS-affiliated hospitals and medical practitioners must disseminate to CHS victims information regarding the availability of free identity theft monitoring extensions ( Contact: Andi Bosshart, Senior Vice President, Corporate Compliance and Privacy Officer, CHS, 4000 Meridian Blvd, Franklin, TN 37067). Before those extensions expire in 2016, it is incumbent upon our state legislature, particularly those members seeking the office of attorney general, to craft legislation designed to fairly address cyber theft liability including assigned liability for costs associated with long term identity theft monitoring.

— Mark Furlong, North Coventry PA



0 Comments



Leave a Reply.

    Picture
    David Ross

    Call me at 

    678-654-9500
    • Independent Life & Health Insurance Agent
    ​• LegalShield & IDSheld Independent Associate & Director

    RSS Feed

    Archives

    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017
    April 2017
    March 2017
    February 2017
    January 2017
    December 2016
    November 2016
    October 2016
    September 2016
    May 2016
    April 2016
    March 2016
    February 2016
    January 2016
    December 2015
    November 2015
    October 2015
    September 2015
    August 2015
    July 2015
    June 2015
    May 2015

    Categories

    All
    Accelerated Depreciation
    Business Management
    Cost Segregation
    Credit Score
    GMG Savings
    Health Insurance
    Identity Theft
    Legal
    Life Insurance
    Marketing
    Property Cost Allocation
    Property Tax
    Stryde Savings
    Tax Benefits

    Tweets by @DrDavidRoss
Contact David Ross & Associates at 678-654-9500
2720 Riverside Drive #7063, Macon GA 31209
david@davidrossandassociates.com


David Ross is a licensed life & health insurance agent representing
Humana, UnitedHealthcare, Clover Health, New Era/Philadelphia American, Manhattan Life & Assurance, Family Life, Voya Financial, Banner Life, Transamerica, Protective Life, Securian/Minnesota Life, Cincinnati Life, Illinois Mutual, Mutual of Omaha, Ameritas, National General, SureBridge, and other insurance carriers. David Ross is an Independent Associate and Director of LegalShield. LegalShield and IDShield are registered trademarks of LegalShield. TrioMed is a registered trademark of National General. Some icons and photos courtesy of flaticon.com, pixabay.com, and rawpixel.com.
​

Descriptions of benefits are intended only to highlight the insured’s benefits and should not be relied upon to fully determine coverage. If any description conflicts in any way with the terms of any policy, the terms of the policy prevail. For complete benefits descriptions and conditions, see the policy.

Copyright © 2009 - 2021 David Ross & Associates 
  • Home
  • Testimonials
  • Join List
  • Blog
  • Contact
  • Critical Event Protection