Revenue Cycle Experts

Pay Your Bill Client Log In

Blog & News

Cybersecurity in the Age of Hackers

July 11, 2018

If you have been giving a modicum of attention to the news in recent months, it seems as though every month or two we hear about another major organization whose “secure and encrypted customer database” has been hacked.

Wikipedia contributors composed a long list of corporate entities that have been hacked in recent years. Using data compiled from various sources, including press reports, government news releases and mainstream news articles, listed are those involving the theft or compromise of 30,000 or more records each, although many smaller breaches occur continually.

It is estimated that the average cost of a data breach in North America will be more than $150 million by 2020, with the global annual cost forecast to be $2.1 trillion. It is estimated that in 2015 alone, 707 million records were exposed as a result of data breaches. Vigilante.pw lists over 2,100 websites which have had their databases breached, containing over 2 billion user entries in total.

In May 2016, Forbes magazine online published a report titled, Top 5 Industries at Risk of Cyber-Attacks.” In order, the top five are Healthcare, Manufacturing, Financial Services, Government, and Transportation.

The estimated cost of a major system breach is between $100 and $200 per customer record — which includes post-breach costs such as lost business due to reputational damage, and costs associated with required communications and identity-theft services for consumers whose information has been compromised. This is a terribly high cost considering that preventing a breach is only about $8 per consumer record. This creates a strong motivation for institutions to spend more on preventing cyber intrusions.

An organization that has 25,000 records will have an estimated post-breach cost of $2.5 to $5 Million to clean up after a cyber breach. An organization with 100,000 records would bare costs $10 million dollars or higher.

Here’s some simple math related to a potential cybersecurity breach. Most collection agencies are required by various regulation to maintain collection records for at least five years. A medium to large national collection agency is estimated to have at least 5,000,000 records. In the event of a breach, an agency would be required to send letters to each consumer warning them of the breach and advising them what possible actions to take. Printing, processing, and postage is $0.57 per letter; the cost of the lettering alone would be $2.8 million. This cost alone could be enough to cripple an agency that is not carrying a cyber-attack insurance policy, leaving you with the responsibility of following up with your breached records.

How many consumer records does your government agency house? What is your organization doing to prevent a cybersecurity breach?

Do the collection agency(s), or other third-party vendors with whom you work take every measure to protect your consumer/citizen records? Do you know if your vendors have the best in Cyber-Security protections? Do you know have certified documentation of their policies and procedures for the housing and protection of your citizens records? Do they maintain a Cyber Insurance Policy?

I’m guessing that your RFPs and published competitive bids have specific requirements that ask a vendor to explain what measures, technologies, and certifications they have to protect consumer data from a breach. But, how many city, county and state entity RFP’s are requiring their vendors to maintain a Cyber Insurance Policy?

Check Your Vendors

Here at PRC (Revco Solutions), we strongly suggest that your organization has a very detailed and specific set of requirements that assure your vendors are protected against cyber-attacks and identity theft attempts. We would also recommend that you require your vendors to maintain a robust cyber-insurance policy for such possible breaches.

The primary and most essential step to ensuring cybersecurity is to require your collection agencies and other vendors to obtain and maintain certified processes and programs for all areas of their businesses.

You must also be sure that your collection agencies and other vendors obtain and maintain various certified processes and Certification Programs that assure your organization and your customers and citizens are protected from cyber threats.

For example, PRC (Revco Solutions) considers information security an integral part of our business as well as the first line of defense against all potential internal and external threats to the business: physical, environmental, and computer-security related.

For that reason, we completed an extensive Multi-Scope audit through TECH LOCK ®INC. We engaged with TECH LOCK ®INC in 2016 to begin an extensive Security and Compliance auditing process and achieve TECH LOCK ® Certification. The TECH LOCK® Certified Audit standards aim to meet current applicable laws as well as creditor and issuer consumer data safeguards or controls.

We encourage you to explore these measures for your own organization and require them from your vendors.

Affiliations Audits & Achievements

  • HFMA: Healthcare, financial, management, association
  • AAHAM: American Association of Healthcare Administrative Management
  • ACA International

Revco Solutions Locations

Durham, NC (Corporate Headquarters)

2700 Meridian Parkway, Suite, Suite 200
Durham NC, 27713

Jacksonville, FL

7011 AC Skinner Parkway,
Suite 170
Jacksonville, FL 32256

Dewitt, MI

1161 E Clark Road,
Suite 240
Dewitt, MI 48820

Ada, MI

4764 East Fulton,
Suite 101
Ada, MI 49301

Pittsburgh, PA

875 Greentree Road,
8 Parkway Center,
Suite 100
Pittsburgh, PA 15220

Dayton, OH

6450 Poe Ave,
Suite 301
Dayton, OH 45414

Columbus, OH

250 E Broad Street,
4th Floor
Columbus, OH 43215