Menu

Spotlight on: ISC West 2024

Re-Write Your Lesson Plan for School Safety with Hanwha Vision

Attention Technology Manufacturers and Security Systems Integrators: The Campus Safety BEST Awards Are Back!

Traka to Showcase Touch Pro Key Cabinets and More at ISC West 2024

Hanwha Vision America to Feature AI Solutions at ISC West 2024

Survey Finds Campuses Using Their Emergency Notification Systems More

2023 Video Surveillance Survey Finds AI, the Cloud, and LPR Gaining Traction on Campuses

Close
Hospital Security

Data Breaches Cost Hospitals $6 Billion Per Year

TRAVERSE CITY, Mich. and PORTLAND, Ore. – A recent study by the Ponemon Institute finds that data breaches of patient information cost healthcare organizations nearly $6 billion annually, and that many breaches go undetected. The research indicates that protecting patient data is a low priority for hospitals and that organizations have little confidence in their ability to secure patient records, putting individuals at great risk for medical identity theft, financial theft and embarrassment of exposure of private information. The study was sponsored by sponsored by ID Experts.

The passage of the HITECH Act in 2009 widened the scope of privacy and security protections under HIPAA to provide stronger safeguards for patient data. This includes notification to patients when their information is breached.

“Our research shows that the healthcare industry is struggling to protect sensitive medical information, putting patients at risk of medical identity fraud and costing hospitals and other healthcare services companies millions in annual breach-related costs,” said Dr. Larry Ponemon, chairman and founder, Ponemon Institute. “At this point one would hope to see that healthcare organizations have improved information security practices and come into compliance with HITECH, now that it’s been more than one year since it was enacted. Instead we found enormous vulnerabilities. The protection of patient data should be at the forefront of their efforts.”

Key findings of the research:

  • Data breaches are costing the healthcare system billions. The total economic burden created by data breaches on the healthcare industry is nearly $6 billion annually. The impact of a data breach over a two-year period is approximately $2 million per organization and the lifetime value of a lost patient is $107,580. The average organization had 2.4 data breach incidents over the past two years. Major factors causing data breaches are unintentional employee action, lost or stolen computing devices and third-party error.
  • Healthcare organizations are not protecting patient data. Organizations have little or no confidence in their ability to appropriately secure patient records (58 percent). Healthcare organizations have inadequate resources (71 percent) and insufficient policies and procedures in place (69 percent) to prevent and quickly detect patient data loss.
  • Protecting patient data is not a priority. Seventy percent of hospitals stated that protecting patient data is not a top priority. Patient billing (35 percent) and medical records (26 percent) are the most susceptible to data loss or theft. A majority of organizations have less than two staff dedicated to data protection management (67 percent).
  • HITECH has exposed the healthcare industry’s lax data protection practices rather than improved the safety of patient records. The majority (71 percent) of respondents do not believe the HITECH Act regulations have significantly changed the management practices of patient records. The findings indicate that there is a significant number of data breaches that go undetected, and therefore unreported.

“We talk with healthcare compliance people dealing with data breach risks every day and they just can’t get their arms around the problem of data exposure,” said Rick Kam, president and co-founder of ID Experts. “Unfortunately, in healthcare organizations, patient revenue trumps risk management.”

Read the full press release.

Review the study.

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Tagged with: Access Control Data Breaches HIPAA HITECH Important Resources

Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century

This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!

Get Our Newsletters
Campus Safety Conference promo

Recommended For You

Student and Staff Safety: Addressing the Significant Rise in Mental Health Needs and Violence
Student and Staff Safety: Addressing the Significant Rise in Mental Health Needs and Violence

In this webinar, attendees will learn the observable behaviors people exhibit as they head down a path of violence so we can help prevent the preventable.

Beyond Threat Assessment: Managing Threats with Appropriate Follow-up, Monitoring & Training
Beyond Threat Assessment: Managing Threats with Appropriate Follow-up, Monitoring & Training

This discussion will help participants analyze, understand, and assess their own program effectiveness.

Latest Quizzes

How Should These Clery Act Crimes Be Classified in Your ASR?
Mental Health in America: Test Your Awareness with This Quiz
Test Your Hospital Safety and Security Knowledge with These 9 Questions