For the eighth year in a row, healthcare organizations incurred the highest costs from data breaches, costing them an average $408 per lost or stolen record. Costs associated with data breaches in healthcare are nearly three times higher compared to other industries.
Sponsored by IBM and conducted by Ponemon Institute, the 13th annual Cost of a Data Breach study reveals just how dangerous it has become for healthcare providers to not take cybersecurity seriously.
The average cost for each lost or stolen record containing sensitive and confidential information, for all industries, has increased by 4.8 percent year over year and now sits at $148. For healthcare businesses, that figure is almost three times higher: $408 per lost or stolen record.
This year’s study includes an analysis of the costs associated with "mega breaches," from 1 million records upwards. Ponemon projects that for 50 million records lost, the average financial damage is $350 million.
The vast majority of mega breaches were the result of criminal attacks, not machine or human error. And because mega breaches are so disruptive, the average time to detect and contain one is 365 days. For smaller-scale breaches, it takes on average 100 days less (265) to deal with the aftermath.
The biggest problem following a breach is “lost business” – $118 million for breaches of 50 million records. The healthcare industry has the highest churn rate following a breach incident, as customers’ expectations are sky high when it comes to their wellbeing.
According to a recent IBM / Harris survey, 75 percent of U.S. consumers will not do business with companies they believe might be easy targets for hackers.