Ponemon Study Reveals Ninety-Four Percent of Hospitals Surveyed Suffered Data Breaches
Press on November 28, 2012
- Cyber Security
- Data Breach Notification
- Data Privacy
- Incident Response
TRAVERSE CITY, Mich. and PORTLAND, Ore. — December 6, 2012 — The Third Annual Benchmark Study on Patient Privacy & Data Securityby Ponemon Institute, sponsored by ID Experts®, reports that healthcare organizations face an uphill battle in their efforts to stop data breaches. Ninety-four percent of healthcare organizations surveyed suffered at least one data breach during the past two years; and 45 percent of organizations experienced more than five data breaches each during this same period. Data breach is an ongoing operational risk. Based on the experience of the 80 healthcare organizations participating in this research, data breaches could be costing the U.S. healthcare industry an average of $7 billion annually. Leading causes were lost devices, employee mistakes, third-party snafus, and criminal attacks. A new finding indicates that 69 percent of organizations surveyed do not secure medical devices—such as mammogram imaging and insulin pumps—which hold patients’ protected health information (PHI). Overall, the research indicates that patients and their PHI are at increased risk for medical identity theft. Risks to patient privacy are expected to increase, especially as mobile and cloud technology become pervasive in healthcare.
For a free copy of the Third Annual Benchmark Study on Patient Privacy & Data Security, visit http://www2.idexpertscorp.com/ponemon2012/.
For the data breach infographic visit http://www2.idexpertscorp.com/ponemon2012/Infographic/.
Key Findings of the Research
“Healthcare organizations face many challenges in their efforts to reduce data breaches,” said Dr. Larry Ponemon, chairman and founder, Ponemon Institute. “This is due in part to the recent explosion of employee-owned mobile devices in the workplace and the use of cloud computing services. In fact, many organizations admit they are not confident they can make certain these devices are secure and that patient data in the cloud is properly protected. Overall, most organizations surveyed say they have insufficient resources to prevent and detect data breaches.”
Data Breaches Are a Part of “Doing Business;” Significant Changes Need to Happen
“The trend continues: data breaches are increasing, patient information is at risk, yet healthcare organizations continue to follow the same processes,” said Rick Kam, president and co-founder of ID Experts. “Clearly, in order for the trend to shift, organizations need to commit to this problem and make significant changes. Otherwise, as the data indicates, they will be functioning in continual operational disruption.”
Recommendations for Healthcare Organizations
Kam offers five recommendations for healthcare organizations:
Free Webinar to Discuss Research Findings
A webinar with Dr. Larry Ponemon and Rick Kam will be held Thursday, December 6, 2012 at 10:00 a.m. PT. To register click here..
About the Study
TheThird Annual Benchmark Study on Patient Privacy & Data Securityutilized in-depth, field-based research involving interviews with senior-level personnel at healthcare providers to collect information on the actual data loss and data theft experiences at their organizations. This benchmark research, in contrast to a traditional survey-based approach, enables researchers to collect both the qualitative and quantitative data necessary to understand the current status of patient privacy and data security in the healthcare organizations that participated in the study.
About Ponemon Institute
Ponemon Institute is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries.
About ID Experts
ID Experts delivers complete data breach care. The company's solutions in data breach prevention, analysis and response are endorsed by the American Hospital Association, meet regulatory compliance and achieve the most positive outcomes for its customers. ID Experts is a leading advocate for privacy as a contributor to legislation, a corporate and active member in both the IAPP and HIMSS, a corporate member of HCCA and chairs the ANSI Identity Management Standards Panel PHI Project. For more information, join the LinkedIn group All Things HITECH or All Things Data Breach; follow ID Experts on Twitter @IDExperts; and visit http://www2.idexpertscorp.com/.
Kelly Stremel or Lisa MacKenzie
MacKenzie Marketing Group
Note to Media:
Please visit the media resource site at http://www2.idexpertscorp.com/ponemon2012/Media-Resources-Ponemon-2012/ for the study, infographic and background information. To schedule an interview with Rick Kam or Larry Ponemon, please contact email@example.com.