As we continue to closely monitor developments around the spread of COVID-19, the health and safety of Matthiesen, Wickert & Lehrer (MWL) employees around the country and our ability to ensure seamless continuity of subrogation excellence to our clients are our top priorities. All of our attorneys and staff are equipped at home with the ability to work remotely and will continue to provide the same prompt and responsive services that our clients are accustomed to receiving. There will be no discernable difference in the pre-COVID-19 legal services and our services going forward. We have experience with this type of national disaster. The lawyers and staff in our New Orleans office are veterans of Hurricane Katrina. This isn’t our first rodeo. It is business as usual here at MWL because we are prepared for disasters and interruptions in protocol.
As most of our clients adjust to the reality of claims handlers working from home, cybersecurity becomes a matter of paramount importance. Work-from-home employees may be especially vulnerable to phishing expedition and in an environment where people are stressed and hungry for more information, there is a natural tendency to ignore security best practices. You should rest assured that the referral of cases and files to MWL is safe and secure because cybersecurity is and always has been of the highest priority at MWL. Cyber attackers continue to target insurance companies and law firms, and they are not taking a vacation in light of COVID-19. At MWL, we conduct constant cyber security training, test our employees, employ data security counseling (in-house and outside), and conduct regular data security audits. Each year, MWL utilizes a third-party IT company to evaluate our software and network to ensure we are not vulnerable to a data breach. We scored well last year, because of the expensive steps we take to safeguard our system and your files. Many smaller firms cannot make the same claim. Cheaper is not always better; and it is rarely secure.
Over the last several years, MWL has taken dramatic steps to increase and maintain cyber security. We conducted a time-consuming and expensive multi-phase security upgrade process, and our security posture is very good. Our network is protected by industry-standard firewalls to provide segmentation of public and private traffic. Traffic processed through the firewall is then managed by deep-packet inspection firewalls safeguarding internal systems. All logical access is managed centrally by local LDAP-based directory systems. Our management staff oversees network user configuration, user authorization, and user termination. Our Intrusion Detection System is built into the firewall and monitored accordingly. Cybersecurity specialists are brought in from our IT Provider. They follow our incident response plan and escalate in communication with network engineers and our internal management. The IT Provider performs phishing simulations, network audits, and risk assessments regularly. Our IT Provider has a cyber security specialist with SANS certifications who advises us on our software and network. Additionally, our IT Provider brought in a HIPAA compliance professional to work with us to ensure all HIPAA rules that pertain to our line of business are being followed. All staff are required to take HIPAA security training annually to protect ePHI and PII. This training is about ninety minutes on average, and they must score 80% or higher on an extensive test. A few weeks ago, a person posing as a vendor walked into the employee entrance and began making his way back to our secure server room. If he had been able to get in without being stopped, it would have reflected poorly on our scores that month.
If your current subrogation law firm or vendor is not doing the same; you and your insured’s data, sensitive medical information and PHI is not secure. Rest assured that all of the above precautions are securely in place during this ongoing COVID-19 pandemic.