IT | Security

Data Breaches Cost $6 Billion to Healthcare Industry

By: Absolute Team | 11/19/2010

The Ponemon Institute and ID Experts recently published the Benchmark Study on Patient Privacy and Data Security. The study revealed that data breaches cost hospitals $6 billion, an astonishing figure.

The study was based on the interviews with 211 senior-level managers at 65 healthcare organizations on actual data loss and data theft experiences. Despite the passage of the HITECH Act, which was intended to provide safeguards for patient data, the study revealed some troubling facts:

  • The total economic burden created by data breaches on the healthcare industry is nearly $6 billion per year
  • The impact of a data breach over a 2-year period is approximately $2 million
  • The average organization had 2.4 data breach incidents over the past 2 years
  • Factors causing data breaches are unintentional employee action, lost or stolen computing devices and third-party error
  • 58% of organizations have little or no confidence in their ability to secure patient records (cited reasons are lack of resources and insufficient policies & procedures)
  • 70% say that patient data protection is not a top priority

HITECH has exposed the healthcare industry's lax data protection practices rather than improved the safety of patient records. The majority (71 percent) of respondents do not believe the HITECH Act regulations have significantly changed the management practices of patient records. The findings indicate that there is a significant number of data breaches that go undetected, and therefore unreported.

It is very unfortunate that patient privacy is so lowly regarded in the healthcare industry and it is to be hoped that the current costs, as well as fines now being levied for HIPAA violations.

Do you think that the industry still derives so much from patient revenue that these costs are just not tangible yet?