The most trusted stewards for protecting consumers’ health data are “my providers:” “my” physician (88%), “my” pharmacy (85%), and “my” hospital” (84%). according to the Accenture 2017 Consumer Survey on Healthcare Cybersecurity and Digital Trust.

Who’s least-trusted? Government (56%) and tech companies (57%). Note, though, that most Americans (over 50%) trust these health data holders — it’s just that fewer people trust them than healthcare providers, who are top health information protectors in health consumers’ trust rosters.

Accenture commissioned Nielsen to conduct this survey in November 2016 in seven countries. The results discussed here in Health Populi focus on the United States data only, for a national sample of 2,000 of adults, 18 and over.

8 in 10 people have confidence in digital data security measures that providers and insurers have undertaken to protect personal health information (PHI). Two-thirds of consumers (fewer, but still a majority) are confident in data security tactics adopted by health app and medical device companies to protect peoples’ health data.

Most breaches have occurred in hospitals (36%), followed by pharmacies and urgent care clinics, physician’s offices, and health insurance companies. Among breaches, three-fourths involved some kind of medical information — most commonly electronic medical record data, health insurance ID numbers, medical record numbers, or data from a tracking app. One-half of breaches concerned personal information, such as Social Security Numbers or contact information.

Data breaches harm digital trust between people and healthcare industry stakeholders, as the pie chart illustrates. But there’s a kind of pragmatic maturing of health consumers when it comes to data breaches: 41% said they trusted companies more after a healthcare data breach based on how the organization responded to the incident. This response may be attributable to the survey finding that 76% of consumers who experienced a health data breach felt the attacked organization handled the incident “well.”

Accenture offers several recommendations for health care stakeholder organizations’ responsible for consumers’ personal health information:

  • Improve response capabilities to limit potential damage
  • Validate downtime procedures to reduce recovery time and conserve patient care and business operations
  • Share threat information and response actions with consumers
  • Reboot cyber-defense approaches to plan for a continuum of threats and to protect high-priority assets
  • Manage risks via targeted cybersecurity investments that help build digital trust with healthcare consumers.

Health Populi’s Hot Points:  Trust is the #1 underpinning factor for consumers to engage with an organization for their health. We learned this in the first Edelman Health Engagement Barometer: we found that trust is the most important factor in health engagement, followed by authenticity and satisfaction.

Since that survey was fielded as the Great Recession of 2008 was eroding Americans’ 401(k) plans and workers were losing jobs, patients have morphed into health consumers seeking transparency for prices and quality of healthcare services, as folks are evolving into Homo informaticus — information-hungry digital beings who seek health engagement via multiple platforms, 24×7.

Ten years later since the Recession hit, Americans’ health information is now mostly loaded into electronic health records systems, and people appreciate that doctors and hospitals have come into the 21st century when it comes to personal health information. People are more comfortable with digital health information in 2017 as they have gone digital in daily living. One of the most telling points in the Accenture study is that a plurality of people gained trust following a health breach based on how the attacked organization responded to them. That trust was gained because the breached organization was transparent and open about the breach and the subsequent actions taken to ameliorate the situation.

Another study confirms Accenture’s finding that consumers don’t trust government as much to protect personal data, even beyond health information. Gigya’s 2017 State of Consumer Privacy and Trust survey found that only 32% of Americans expect the Donald Trump Administration to make personal data more secure. (Note that Britons are even less confident in Theresa May’s ability to secure personal information in the UK).

Accenture asserts that healthcare consumers are increasingly security-aware. Protecting and keeping private peoples’ private health information is now an integral component to being a trusted, valued healthcare provider.