Healthcare data breaches more expensive than other industries

Healthcare organizations will pay more per lost or stolen record when their data is breached, according to a new study by IBM and the Ponemon Institute.

The annual report on the cost of data breaches found responding to a breach has become more costly across all industries around the world, rising to an average of $4 million.

The average cost across all industries broke down to $158 per record that has been lost or stolen. Healthcare organizations, however, were shown to face a significantly higher cost of $355 per lost or stolen record—well above the next highest cost, education, which came in at $245 per record.

The report, now in its 11th year, said trends indicate the healthcare industry has to deal with greater financial consequences from data breaches because of fines levied against breached organizations, along with higher than average rates of lost business and customers.

While IBM and the Ponemon Institute don’t offer remedies specific to healthcare, the report did point out measures that can affect the overall costs of responding to breaches. For example, having an incident response team reduced the price tag of a breach resolution by an average of $16 per record. Extensive use of encryption and employee training were also shown to reduce costs.

On the flip side, if the breach involved a third party, costs went up by an average of $14 per record. Rushing to notify, having devices lost or stolen, and hiring consultants were also shown to increase response costs.

""
John Gregory, Senior Writer

John joined TriMed in 2016, focusing on healthcare policy and regulation. After graduating from Columbia College Chicago, he worked at FM News Chicago and Rivet News Radio, and worked on the state government and politics beat for the Illinois Radio Network. Outside of work, you may find him adding to his never-ending graphic novel collection.

Around the web

Compensation for heart specialists continues to climb. What does this say about cardiology as a whole? Could private equity's rising influence bring about change? We spoke to MedAxiom CEO Jerry Blackwell, MD, MBA, a veteran cardiologist himself, to learn more.

The American College of Cardiology has shared its perspective on new CMS payment policies, highlighting revenue concerns while providing key details for cardiologists and other cardiology professionals. 

As debate simmers over how best to regulate AI, experts continue to offer guidance on where to start, how to proceed and what to emphasize. A new resource models its recommendations on what its authors call the “SETO Loop.”