Privacy and security risks are difficult to manage. They are extremely complex and they can change dramatically. Their potential negative outcomes can be very significant. Because of these attributes, traditional risk management tools are not adequate to cope with these risks. We have developed a suite of new tools and processes to support cyber risk management.
We are focused on the health provider space only. Our approach is to price each hospital based on their actual risk, not based on the expected performance of a market-wide portfolio.
Depth of Coverage
We address privacy and security breaches (suspected, threatened and actual breaches) from the perspectives of financial risk, litigation risk, regulatory risk, reputation risk and disruption risk.
Hospitals cannot get the information we provide anywhere else because our process is a uniquely bottom up risk assessment approach. Other insurance assessments are based on an estimated top-down portfolio.
EGB leverages machine learning to power our insurance and our software. This means that for the first time, the hospital has the analytics to pro-actively make fact-based enterprise-wide risk management decisions in a transparent environment.
Know Your RiskEGB uses AI to quantify a hospital’s inherent risk, their risk according to their attributes.
Manage Your RiskEGB uses another AI application to establish the quality of the hospital’s cyber risk controls.
Breach ResponseEGB embeds the investigation and response team in the insurance it offers.
Align Risk AppetiteBased on its residual risk (inherent risk modified by its control quality), the hospital can see how much risk they have.
Reduce Your Risk
EGB equips hospitals with the ability to make informed choices about how to deploy their risk management resources by allowing them to determine their desired risk appetite through customized limit and retention choices.
Keep Risk and Insurance In Sync
EGB monitors, in real time, incremental changes to a hospital’s risk environment and provides updates on any changes to their residual risk, further allowing the hospital to make informed risk management choices.
- Initial paper based application form to clarify which entities are applying for coverage.
- Assessment app to establish the hospital’s control environment
- Indication offered – to verify if risk appetite meets expectations
- Alternative or additional control recommendations can then be offered to reduce the risk to the preferred risk appetite if necessary
- Formal quote – with Playbook manual – provided; usually open 5 working days
- Bind – confirm placement
- Adapt coverage as the risk changes
- Respond to incidents as necessary
We understand hospitals – we worked with hospitals to design this program; the CIO of a major hospital chain was the original architect. We understand HIT and the challenges Hospital CISOs, Privacy Officers and Risk Managers face.