Prevent Increasing Costs of a Data Breach: Invest in HIPAA Hosting

September 13, 2011
77 Views


How much could a data breach incident cost your company? Based on the results of The Ponemon Institute’s recent 2010 Annual Study: U.S. Cost of a Data Breach, breach incidents are increasing both in direct and indirect costs. The healthcare, pharmaceutical, financial and communications industries are shouldering the greatest expense per record breach. On average, companies are spending 7 percent more per data breach event since 2009, up $7.2 million from $6.8 million. The study found a positive correlation between the number of records lost and the cost of an incident.

Direct costs of data breach incidents include customer notification, investigation and legal defense costs that directly impact a company’s’ bottom line. Class action suits and government fines can be extremely costly, as recent HIPAA enforcement has shown in the Cignet Health case ($4.3 million fine). Indirect costs include lost or diminished customer trust and confidence, as well as current or future customer business lost due to unusual turnover rates. Companies often end up with increased recruitment, marketing and new customer acquisition costs.

The average cost per compromised customer record increased 5 percent from 2009 to $214. The communications industry topped the highest average per-record costs at $380. Other industry sectors with the highest average per-record costs were financial and pharmaceutical at approximately $350. Industries with the highest churn rate in 2010 also included pharmaceuticals and healthcare.

Cost Per Data Breach By Industry, 2009-2010

What is causing these data breaches? The leading cause of data breaches is negligence. Non-deliberate negligence can stem from lack of knowledge or attention when it comes to compliance regulations for IT networks and infrastructures, or improper employee training on requirements, such as PCI compliance or HIPAA compliance. Deliberate negligence, by virtue of corporate policies that knowingly keep sensitive data at risk, is decreasing as hefty financial and criminal penalties are applied. Investing in HIPAA and HITECH privacy and security safeguards is worth the time and money, as prevention is the best way to reduce breaches and unnecessary costs. Many companies are considering partnering with a PCI or HIPAA hosting provider that already has the appropriate controls and infrastructure in place with independent, third party audits that verify compliance.

The second leading cause of data breaches is malicious attacks, or any intentional and organized data theft, from both inside and outside companies. The report recommends evaluating security policies of vendors that can guarantee data protection and have the appropriate procedures and controls in place. When looking for a hosting partner, ask if they have a SAS 70 or SSAE 16 audit, or a SOC report verifying best-in-industry security practices.

How can you prevent data breaches and unexpected fines and business expenses? The report recommends companies should seek centralized management of IT security in order to provide emphasis on best practices throughout their organizations. It also suggests that audited hosting providers are better able to comply with security policies and business-partner contracts. While technology is a major contributor to security, standardized polices and procedures are also critical to compliant hosting.

Sources:
Cost of a Data Breach Climbs Higher
Ponemon Study Shows the Cost of a Data Breach Continues to Increase
2010 Annual Study: U.S. Cost of a Data Breach

You may be interested

Where Is The Balance? Pushing Back Against Consumer Health Tech
eHealth
3 views
eHealth
3 views

Where Is The Balance? Pushing Back Against Consumer Health Tech

Larry Alton - August 18, 2017

When Republican Congressman Jason Chaffetz glibly remarked that Americans struggling to afford insurance should choose between that and their smartphones,…

What to Look for in Patient Solutions Software
eHealth
365 views
eHealth
365 views

What to Look for in Patient Solutions Software

Robert Cordray - August 17, 2017

The medical sector is one area where technology has had a significant impact, largely by providing tools that simplify many…

Can Natural Remedies Like RediCalm Decrease Stress and Anxiety?
Wellness
2 views
Wellness
2 views

Can Natural Remedies Like RediCalm Decrease Stress and Anxiety?

Ryan Kh - August 16, 2017

According to research from the National Institute of Mental Health, anxiety disorders are the most common mental illness in the…