Cost of data breaches in healthcare increased while other industries see 10% drop

Data breaches cost healthcare organizations an average of $380 per record, more than any other industry included in the 2017 Cost of Data Breach study from IBM Security and the Ponemon Institute.

The cost per lost or stolen record in healthcare has continued to increase, up $25 from $355 per record in the 2016 report. The cost across all industries, however, was down 10 percent, with the global average cost of a breach falling to $3.62 million from $4 million. In the U.S, the average cost across all industries rose from $221 to $225 per record, with the average total cost increasing from $7.01 million to $7.35 million.

A notable finding from the report, now in its 12th year, was data breaches caused more businesses to lose customers over the past year. Healthcare was identified as one of the industry most vulnerable to this effect, with a 5.5 percent “abnormal churn rate,” defined as a greater than expected loss in customers after a breach has occurred. That lost business makes up around 41 percent of the breach’s cost.

An effective strategy to keep customers is to have a C-suite level leader like a chief privacy officer or chief information security officer who can “direct initiatives that improve customers’ trust in how the organization safeguards their personal information.” Across all industries, having some sort of incident response team reduced the cost of a breach by $19 per stolen or lost record.

""
John Gregory, Senior Writer

John joined TriMed in 2016, focusing on healthcare policy and regulation. After graduating from Columbia College Chicago, he worked at FM News Chicago and Rivet News Radio, and worked on the state government and politics beat for the Illinois Radio Network. Outside of work, you may find him adding to his never-ending graphic novel collection.

Around the web

Cardiovascular devices are more likely to be in a Class I recall than any other device type. The FDA's approval process appears to be at least partially responsible, though the agency is working to make some serious changes. We spoke to a researcher who has been tracking these data for years to learn more. 

Updated compensation data includes good news for multiple subspecialties. The new report also examines private equity's impact on employment models and how much male cardiologists earn compared to females.

When drugs are on the FDA’s shortage list, outsourcing facilities can produce their own compounded versions. When the FDA removed tirzepatide from that list with no warning, it created a considerable amount of chaos both behind the scenes and in pharmacies all over the country. 

Trimed Popup
Trimed Popup