Healthcare breaches cost $6.2B annually

A new whitepaper from Protenus reveals data breaches not only harm an organization's public image, they also cost exorbitant amounts of money.

Titled "Cost of a Breach: A Business Case for Proactive Privacy Analytics," the whitepaper details seven potential costs of a healthcare data breach.

Here are nine things to know about Protenus' whitepaper.

1. Breaches in the U.S. healthcare field cost $6.2 billion each year. The average cost of a single data breach across all industries is $4 million, according to a 2016 study from IBM and Ponemon Institute.

2. Approximately 90 percent of hospitals have reported a breach in the past two years.

3. When a healthcare organization experiences a breach, forensics costs added up to $610,000. After a breach, organizations often have to bring in compliance personnel and auditors to detail what information was breached.

4. Breach notification costs $560,000 on average. Overall notification costs — including reporting information to the media, notifying HHS and setting up a toll-free number and credit monitoring services for affected patients — can reach high totals.

5. Costs affiliated with lawsuits average $880,000. Whether class-action or single-patient, breach-related lawsuit costs can add up, with those in the healthcare industry being even more costly.

6. For each data breach, healthcare organizations average $3.7 million in lost revenue. Data breaches often result in a loss of patient trust, which can spiral into millions of dollars in lost potential revenue. A report from the Ponemon Institute estimates healthcare organizations average $3.7 million in lost revenue per data breach, but a report from Accenture estimates the cost could be as high as $113 million.

7. Healthcare organizations average $500,000 in lost brand value after a breach. An organization's reputation can be damaged after a breach. Some estimates reach $50 million as an average amount in lost brand value, but Protenus claims the actual lost value varies from institution to institution.

8. The average HIPAA settlement fine is approximately $1.1 million. This average is only increasing as HHS becomes more aggressive in enforcing HIPAA regulations.

9. Post-breach cleanup costs average $440,000. Though cleanup costs after a breach differ between organizations, even purchasing new technologies and hiring new staff members can add up.

More articles on health IT:
Question about telemedicine raised in Rep. Tom Price's confirmation hearing: Here's what he had to say
Top 10 medical practice management solution providers named by SelectHub
19 hospitals, health systems seeking Cerner, Meditech, Epic talent

© Copyright ASC COMMUNICATIONS 2017. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Top 40 Articles from the Past 6 Months