The negative financial consequences of healthcare data breaches continue to worsen. Even a single healthcare data breach can easily end up costing millions of dollars in damages. Just last week, Oregon Health & Science University agreed to pay the Office of Civil Rights (OCR) $2.7 million for two data breaches in 2013 that involved more than 7,000 patients.  This is likely not the end of these costs for OHSU, as fines are only a single component of the significant and ongoing costs of a breach.  However, one of the challenges our C-Suite customers often face is quantifying the full financial impact of a breach, in order to prioritize privacy and security and make a business case to their board.  To this end, Protenus is launching a new series of blog posts to break down and clarify the financial costs of a healthcare data breach.

Why will criminals shopping on the black market pay at least 20 times more for patient records - and the ePHI they contain - than they will for credit card records? In addition to payment information, patient records contain an enormous number of personal details, ranging from medical history, to medications, to family history, all of which can be used for blackmail, identity theft, insurance fraud, and financial account hijacking.

It’s been an intense summer for the healthcare industry. The annual cost to the healthcare industry attributable to breaches of patient information is now more than $6.2B.* Today, Protenus is launching its new monthly Healthcare Breach Barometer with data compiled and provided by DataBreaches.net. The Breach Barometer is a monthly snapshot of reported or disclosed breaches impacting the healthcare industry and includes data from HHS.