An independent Ponemon Institute study sponsored by IBM recently examined the average cost of a data breach based on information from 350 participating companies. One of the findings it presents is the difference between the overall average cost of a data breach compared to the cost for healthcare: The latter group has an average as high as $363, twice as high as the global average of $154.
The qualitative data behind the 2015 Cost of Data Breach Study comes from 1,500 interviews conducted across 350 organizations. Like many of the countries included in the study , the United States respondents in general saw the average per capita data breach cost increase between 2013 and 2015, with the most recent figures labeling it as $217. This is the highest of all the countries mentioned, which include Germany, Brazil, the United Kingdom and Italy.
However, organizations based in the United States did not boast the highest average number of breached records at 28,070. It placed third overall in this list, behind India and the combined organizations of the United Arab Emirates and Saudi Arabia.
The study also lists the measures that might make breaches less damaging, at least financially.
"As shown, an incident response team, extensive use of encryption, employee training, business continuity management, CISO leadership, board-level involvement and insurance protection decrease the per capita cost of data breach," it states. "Third party involvement in the incident, lost or stolen devices, rush to notify, and consulting services increase the per capita cost of data breach (shown as negative numbers)."
For greater awareness of patient record vulnerability, health entities should safeguard their data against HIPAA violations and other signs of risk. Losing control of information security is serious and should be addressed before the event with the right advisory and user training.