The individual cost of a data breach: $19k

How much does a data breach cost? For hospitals and health systems, the answer can be in the millions: $50,000 per HIPAA violation or up to $1.5 million per calendar year per identical violation. But what about the cost of a data breach for an individual patient?

According to a report by the Ponemon Institute, the average out-of-pocket cost to a patient after medical identity theft is $18,660. The 2013 data show that while only 36 percent of patients — more than 660,000 — end up incurring out-of-pocket costs as a result of medical identity theft, it is expensive for those victims. The total costs incurred by medical identity theft victims in 2013 were about $12.3 billion, according to the report's extrapolation.

Expenses for victims include identity protection, credit reporting, legal counsel, expenditures on medical services due to lapses in insurance coverage and reimbursements to healthcare providers for services provided to identity thieves.

The danger of these costly healthcare data breaches is on the rise. The black market demand for health records illustrates this perfectly: While a stolen credit card number sells for $1 dollar, a stolen health record sells for $50 dollars, according to a report from Bitglass.

And, the point of access for device and data thieves is also widening. Thirteen percent of healthcare organizations use cloud email, and 90 percent of healthcare workers use their personal phones for their jobs, according to the report.

More articles on health IT:

Cerner to provide free CommonWell services for 3 years

Mobile messaging could increase efficiency, accountability

5 key findings on the state of IT security

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Featured Webinars

Featured Whitepapers