Nearly one-half of Americans experienced a personal data breach in the past three years, the third annual national cybersecurity survey found.
Ensuring privacy and cybersecurity should become integrated into the healthcare industry’s consideration of a patient’s consumer experience.
This makes sense, given that privacy and cybersecurity ranked the second highest priority to hospitals and healthcare providers polled in HIMSS 2018 Healthcare Leadership Survey. Providers put patient safety as #1.
Appropriately, privacy and security were hot topics at HIMSS Annual Conference this year, in respond to providers’ demands for more education and concerns around the challenges.
Let’s put these concerns in context. In January 2018, over 400,000 patient records were breached. The second bar chart shows records breached by month from August 2017 through January 2018. Add these numbers up, just for these six recent months, and you tally over two million personal medical records breached.
Why are medical records such attractive candidates for bad cyber-actors? It’s Sutton’s Law, as in Willie Sutton: go where the money is. And it’s in personal health information: a medical record is valued 8 to 10 times the price of a credit card on the black market.
Accenture studied the impact of medical and personal information theft, estimating an impact on one in 13 patients between 2015 and 2019. The largest number of consumers will be for medical information theft will touch 25 million patients; and, 6 million people will be victims of medical identity theft. The growth of the number of impacted patients is shown in Accenture’s bar graph here.
Take this projection and look below at the forecasted financial impact on patients and providers: they would be at-risk of losing $305 billion of revenue due to nearly half of the patients quitting their systems after experiencing their personal data being breached.
Health Populi’s Hot Points: This last data point illustrates that providers at-risk of PHI security breaches are at-risk of losing patients’ trust…and therefore, patients’ business.
Trust is a precursor, truly essential, to the provider-patient relationship.
The vast majority of U.S. patients, as consumers, know the name “Equifax” and what hearing that brand means: the opposite of “trust,” as this market brand analysis pointed out. In healthcare, the response to a patient opting out of a health system is profound based on that individual’s response of walking with their feet away from the hospital or physician practice. But there’s more: the social aspect of health, the impact of “friends and family” reviews, and N-to-many social media reviews of providers, can magnify the problem and potential losses.
When healthcare providers consider the cost-benefit and ROI scenarios of making investments to secure personal health information and risk-manage breaches, think beyond the first-level of impact to longer-term consequences, both for hard-dollars as well as reputation risk and social-health-community exposure.
Know this: that two-thirds of consumers trust healthcare industries to ensure the privacy and security of their personal health data, the third annual cybersecurity study found. Consumers’ goodwill is there for the healthcare industry to lose.