New Study Estimates Data Breaches Cost the Healthcare Industry $5.6 billion Annually
A newly released study from the Ponemon Institute underscores major areas of risk for healthcare organizations when trying to safeguard protected health information and uphold requirements under HIPAA-HITECH law. Find the full study here.
According to the Fourth Annual Benchmark Study on Patient Privacy & Data Security, criminal attacks on healthcare systems have risen a startling 100% since the first study was conducted four years ago in 2010. Additionally, healthcare employees are fueling breach risks by increased use of their personal unsecured devices (smartphones, laptops and tablets). The vast majority of Business Associates—those that have access to PHI and work with Covered Entities—are not yet in compliance with the HIPAA Final Rule.
Despite a slight drop in data breaches overall, such incidents are costing some healthcare organizations millions of dollars every year. While the cost can range from less than $10,000 to more than $1 million, The Ponemon study calculates the average cost for the organizations represented in this year’s benchmark study is approximately $2 million over a two-year period.
Based on the experience of the healthcare organizations in this benchmark study, we believe the potential cost to the healthcare industry could be as much as $5.6 billion annually.
Is your organization at risk for becoming a data breach statistic? Have you done all you can to identify areas of risk within your HIPAA compliance efforts? And, do you — and your organizations C suite – understand the potential financial impact? Here are a few tools to help you answer the tough questions:
- Risk Analysis Whitepaper – “Risky Business: How to Conduct a Bona Fide HIPAA Security Risk Analysis” will help you better understand and act on the specific Risk Analysis requirements included in the HIPAA Security Final Rule, as amended by The HITECH Act. Click here to download.
- PHI Protection Network (PPN) Conference – A group of leading information privacy and security professionals will be convening in Anaheim, California on Thursday, April 10, 2014 to share best practices and determine how healthcare organizations can more effectively safeguard protected health information. Interested participants can register here.
- PHI Value Estimator Tool – As part of a study produced ANSI (whose leaders then launched the PHI Protection Network (PPN), this tool will help estimate the overall potential costs of a data breach to your organization and provide a methodology for determining an appropriate level of investment to strengthen your privacy and security measures. Click here to learn more.
- HIPAA Compliance Software – Learn about software tools and consulting services that help your organization take a methodical and comprehensive approach which strictly follows the HHS/OCR guidance for Security Risk Analysis and harnesses the power of the NIST risk assessment processes. Click here for a “by-the-book” approach to risk analysis.
Please avail yourself of any of these free resources which you may access now by clicking on the links below:
- Risk Analysis Buyer’s Guide
- Expert 2nd Opinion on Your HIPAA Risk Analysis
- Clearwater Compliance White Paper: Risky Business: How to Conduct a Bona Fide HIPAA Security Risk Analysis
- Clearwater Recorded Webinar event entitled How to Conduct a Bona Fide HIPAA Security Risk Analysis
- IRM|Analysis™- Clearwater’s Risk Analysis and Risk Management software DataSheet
- IRM|Analysis™- Clearwater’s Risk Analysis and Risk Management software Free Trial for qualified organizations
- More Risk Analysis Resources
Latest posts by Bob Chaput (see all)
- HIPAA Risk Analysis Tip – Part 5 – Questions & Answers from May 3rd Conversation with Former OCR Director Leon Rodriguez - June 5, 2017
- HIPAA Risk Analysis Tip – Part 4 – Questions & Answers from May 3rd Conversation with Former OCR Director Leon Rodriguez - May 29, 2017
- HIPAA Risk Analysis Tip – Part 3 – Questions & Answers from May 3rd Conversation with Former OCR Director Leon Rodriguez - May 21, 2017