Things You Should Know About Healthcare & Privacy

Healthcare and privacy go hand in hand. If you run any type of healthcare organization, you know that patient privacy is one of the most important parts of running your business. It’s also one of the most difficult things to manage, as you’ll see. 

The folks at healthcare privacy very seriously. In addition to maintaining healthcare privacy with all the services they offer, they want to help inform you of tips you can use to improve the healthcare privacy in your business. Here are 7 things you should know about healthcare and privacy.

#1 – Your Cybersecurity Budget is Probably Underfunded

According to a recent survey, healthcare organizations said that only 3% of their annual IT budget was allocated to cybersecurity. Ransomware and other cybersecurity breaches are becoming increasingly common, and personal health information (PHI) is as much at risk as other personal data. A cybersecurity breach can cost millions of dollars, so increasing the budget is worth the cost.

#2 – Privacy Violations are Expensive

Civil penalties alone can cost as much as $1.5 million per year for HIPAA privacy violations. If you add in the cost of class-action lawsuits and lost patients, your healthcare business could lose millions of dollars from a healthcare privacy breach.

In fact, the average global cost of a data breach was $3.86 million in 2018. The United States was at the top of world costs, with an average data breach costing nearly $8 million.

#3 – Identifying and Containing Privacy Breaches Takes a Long Time

On average, it takes more than 6 months (197 days) to identify that a privacy breach has occurred. It then takes more than 2 months (69 days) to contain a breach. The longer it takes to identify and contain a breach, the more it costs to manage the problem.

#4 – Patients Switch Providers After Breaches

In a 2015 study, 54% of patients said they were “very” or “moderately” likely to switch healthcare providers after a healthcare privacy data breach. That’s a lot of lost revenue down the road from lost clients – not to mention the loss of potential new clients who may refuse to consider you. It could take many years to recover your image and lost revenue from a privacy breach – would your business survive?   

#5 – The Majority of Patients Withhold Information From Their Doctors

A 2016 study showed that 87% of patients are unwilling to share all their healthcare information with their providers. This can have devastating, potentially deadly consequences, especially if a patient fails to disclose a serious health condition or its related medications to their doctor. That doctor could then prescribe a medication that worsens the undisclosed health condition or causes complications when combined with medications the patient didn’t mention they were taking.  

Aside from the financial cost of a privacy breach, the loss of trust patients now suffer could have terrible human costs. What steps can you take to improve the level of trust your patients have in their healthcare providers?

#6 – The Healthcare Industry is More Vulnerable Than Other Industries

The FBI (Federal Bureau of Investigation) warned that the cybersecurity systems of healthcare providers are more susceptible to attack than those of other industries. That’s due in part to the fact that healthcare information is more valuable on the black market than credit card information because it has details that people can use to obtain controlled substances or access bank account information.

As a result, healthcare businesses should be spending more money on cybersecurity than businesses in other industries rather than less.

#7 – Employees are Selling Confidential Data

18% of employees in the healthcare industry – nearly one in five – reported that they would be willing to sell confidential information for as little as $500 to $1000. In the same study, nearly one in four employees (24%) reported that they knew somebody who actually had sold confidential information. In addition, one in five employees (21%) keep their user login information and password next to their computer.

How can you encourage your employees to protect your patients’ healthcare privacy? Employees may be the biggest hole in your privacy law compliance.

Are You Prepared?

As you can see, there are a lot of different ways that your company can suffer problems with healthcare and privacy. Now that you’re aware of some of the ways that your business may be vulnerable to leaks and hacks, you can start taking steps to improve your organization’s privacy compliance.