The American National Standards Institute’s The Financial Impact of Breached Protected Health Information revealed an epidemic of electronic privacy breaches in the healthcare industry. According to James Pyles, former general counsel at the department of U.S. Health, Education and Welfare and a principal at Washington law firm, Powers Pyles Sutter & Verville, “what we hope with this report … is that we help those involved in security to make the case in the boardroom that it is a whole lot cheaper to avoid a privacy breach or privacy violation than it is to react to one."
In their zeal to identify new revenue sources, healthcare organizations are ignorant of the huge risks and costs of data breaches. Pyles said cases surrounding healthcare security generally settle for about $20 million and that "almost every privacy breach is now followed by a class-action lawsuit."
This report is an eye-opener into the entire enterprise and the areas that are impacted by a data breach. It also includes a “calculator” to assess the potential costs of such a data breach. This should be required reading for every healthcare organization from hospital systems to health information exchanges.