Big Cs Dominate
Two risks have dominated C-Suite agendas since we started gathering data in 2020.
1. Cyber has proven a steady drum beat of concern around e-crime including ransomware and phishing.
2. Competency fears haunt every boardroom. Was treatment or advice as advertised? Was professional competency somehow misrepresented?
In 2024 both risks loom larger than in 2022 – but for the first time it’s concern over competency that dominates – driven by a combination of factors:
Juniorisation of the workforce is driven by companies losing senior people due to age or burnout. That means fewer mentors around and less skilled staff doing more complex work.
Recruitment is a headache where entry qualifications are expensive and young talent is ‘turned off’ by the industry’s reputation.
Agility is a double-edged sword. Companies may lose strategic focus as they rush to exploit new health trends, potentially building alliances with partners who don’t risk manage so well.
Regulation was relaxed during the pandemic, making it harder to weed out staff and increasing liability down the line. And C-suite concern that practitioners aren’t appropriately licensed is consistently the third-ranked issue in our surveys - up from 21% in 2022 to 34% in 2024.
Post COVID, healthcare providers are often characterised as greedy – so the frequency and severity of adverse verdicts and large settlements is on the rise. Large plaintiff awards are media-hyped, which impacts the views of jurors and further heightens victim expectations.
Keri Marmorek
Claims Team Leader, Healthcare Claims
This makes life difficult for virtual health start-ups – damaging brands and negatively impacting investment propositions.
Our digital healthcare team is concerned at the reluctance by some businesses to remediate risks because of cost.
Evan Smith
Product Leader, Global Healthcare, Specialty Risks
No wonder 29% of digital health & wellness firm executives globally are concerned by time and cost to remediate risks; 29% by regulatory action and fines, and 28% by associated legal action.
Greater use of AI will drive the risk of cyber criminals exploiting greater reliance on technology.
There have been multiple incidents of ransomware shutting down payment systems or preventing healthcare providers from accessing patient records, ordering drugs or replenishing their supply chains, even before adoption of AI becomes more widespread.
Cyber risks can also involve inappropriate release of information through negligence or error; or via cyber criminals exploiting supplier or business system weaknesses.
The recent CrowdStrike[2] incident in which a faulty update crashed some 8.5m Microsoft Windows Systems globally caused an estimated US$10bn in financial damage, and also sparked a bonanza for cyber-criminals launching phishing attacks hoping to catch people out as they dealt with the fallout of the original incident.
Keri Marmorek
Claims Team Leader, Healthcare Claims, Beazley