Breach Can Cost $2 Million, Study Says

Greg Freeman , January 13, 2012

This article appears in the January 2012 issue of HealthLeaders magazine.

A significant data breach can cost your organization $2 million, according to a study by the Ponemon Institute in Traverse City, MI. The research and consulting group found that hospitals are rushing to adopt electronic health records in an effort to cash in on government incentives, but they may not be prepared to adequately address data security and data privacy issues.


Here are some of the key findings of the study, Benchmark Study on Patient Privacy and Data Security:

  • Sixty percent of organizations in the study had more than two data breaches in the past two years.
  • The average number of lost or stolen records per breach was 1,769. A significant percentage of organizations, 38%, did not notify any patients.
  • The top three causes of a data breach were: unintentional employee action, lost or stolen computing devices, and third-party errors.
  • Forty-one percent discovered the data breach as a result of a patient complaint.
  • Sixty-three percent of organizations say it took them between one to six months to resolve the incident.

Leave a comment

Filed under Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s