According to the Ponemon Institute study, the healthcare field has the highest cost per breached record of any industry: $402. For 10,000 records, that adds up to $4,020,000.
Fines will be charged when violations are found. So you must consider the following five items when you view your business. Can your company withstand:
Damage to your Reputation
Just the media announcement would tarnish the reputation of your practice. A study has shown that nearly 7% of patients are likely to switch to another provider. You would also have a drop in the number of new patients, loss of partners, and even the loss of staff.
The soaring number and costs of lawsuits, fines and penalties from the State and OCR could be devastating. We are talking about penalties as high as $50,000 per breach and up to $1,500,000 for repeat violations. Even class-action lawsuits following a breach can be very costly to mitigate or settle.
Clean-up can be staggering! Costs include remediation/mitigation, notifying affected individuals, changing vendors (if the breach was caused by a BA), offering credit and ID theft monitoring for your patients (this could run as high as $25/month per patient), and more. If 10,000 patients were involved, the theft monitoring could cost $250,000/month or $3,000,000/year for at least 2 years.
If employees are involved and you have to replace them, the cost of hiring and training can be high.
When patient records are compromised, the loss of confidentiality, integrity and availability could cause patient safety issues. The breach could also cause fraudulent medical claims, causing your organization's quality scores to plummet.
When we look at all of the factors, the true cost of a healthcare data breach is about $700 per compromised record. If 10,000 records are breached, the true cost would be about $7,000,000. Could your organization afford this?
We at JA Brown Consultants are an independent audit group that can evaluate HIPAA readiness and assist the staff with any changes that need to be made. We give an outside view of any violations found. We are a true independent third-party consultant, as HIPAA requires. Sometimes those working in the environment day to day have a tendency to overlook items. We look at things with a fresh eye. Let us catch them first!
HIPAA, whether you know it or not, is for your protection. Do you fully understand HIPAA?