A recent survey conducted by Accenture reveals a lot of information about consumers and their experiences with a health care data breach.
The survey released by Accenture detailed information regarding health care data breaches, including cost, number of people notified versus breaches discovered, and the type of information stolen.
The stolen information was used to purchase items in 37 percent of the cases or used for fraudulent activities, such as billing for care (37 percent) or filling prescriptions (26 percent). Nearly one-third of consumers had their social security number (31 percent), contact information (31 percent) or medical data (31 percent) compromised. Unlike credit-card identity theft, where the credit card provider generally has a legal responsibility for account holders’ losses greater than $50, victims of medical identity theft often have no right to recover their losses.
Patients who experienced a data breach had to pay, on average, about $2,500 dollars to rectify the situation. Often, after a breach, health care organizations suggest that information was not accessed and don’t offer anything to patients affected by the security incident. If a breach occurs, health care organizations could offer credit monitoring as a way to bring patient trust back.
Half of consumers discovered the issue by looking at a credit card statement or an explanation of benefits, while 33 percent were notified by a health care organization and 17 percent were notified by a government agency. This suggests that health care organizations often don’t discover a breach internally, so many breaches may not even be reported.
In response to the breach, 91 percent of the consumers who were data-breach victims took some type of action. Some changed health care providers (cited by 25 percent), insurance plans (21 percent) or sought legal counsel (19 percent). Others took personal steps, such as changing login credentials (29 percent), subscribing to identity-protection services (24 percent) or adding security software to their computer (20 percent). Only 12 percent of data-breach victims reported the breach to the organization holding their data.
Start using our HIPAA compliance tool today to better understand what you can do to protect your patients from these types of costs. Don’t risk losing patients because of a data breach that you could have avoided.