“An ounce of prevention is worth a pound of cure.” That adage is especially true when protecting your patient’s data.
In 2022, the average cost of a data breach was $4.35 million. Even more alarming than that price tag is that this cost increased by 2.6% between 2021 and 2022. It’s also worth noting that 86% of organizations often deal with more than one data breach.
By the end of 2023, it is projected that the total global cost of Cybercrime will reach $8 trillion. For perspective, if Cybercrime were a country, it would be the third largest economy in the world, behind only the US & China. Healthcare and utilities are now considered to have “Very High” cyber risk exposure by Moody’s (the highest risk category).
Cybercriminals know they can target organizations with attacks like social engineering to:
- Deploy ransomware – taking IT systems completely down and rendering them unrecoverable
- Exfiltrate data – steal data, then try to sell on the dark web
- Extort – threaten to expose the breach to your customers as part of a blackmail attempt
In reality, the attackers only need to be successful once to do some real harm to your ASC. In 2022 alone, the healthcare industry reported 849 business-impacting security incidents, 571 resulting in data disclosure.
Some of the costs associated with a data breach include:
- Third-party incident response fees (ranging from $30,000 to $150,000)
- Lost revenue from system downtime (canceled and rescheduled surgeries)
- Identity theft monitoring costs for impacted patients
- Rebuilding and restoring damaged systems
- Legal fees
- Increased insurance premiums
- Lost customers who choose to take their business to one of your competitors
The US Department of Health and Human Services (HHS) breach reporting requires that organizations publicly disclose a data breach if 500 or more healthcare records are compromised. Having your ASC’s name displayed on the HIPAA Breach Portal (a.k.a., the “Wall of Shame”) is something that most ASC leaders would like to avoid.
As your ASC works to optimize its performance, the last thing you need is an unexpected (and likely preventable) security incident to hit your OpEx budget and throw your KPIs out the door.
The partners you select to help your ASC be successful matter, and you should be able to leverage their investment in cybersecurity to help your ASC keep your operating expenses down.
HST regularly publishes security articles to help ASCs identify cyber risks in their environment and allow the ASC to make informed decisions to help reduce their cyber exposure risks.
Read this article to learn how to better prepare for a data breach. Or, better yet, because we must all learn not to click on disguised hyperlinks, copy and paste the following address into a web browser: hstpathways.com/2022/06/16/proactively-preparing-for-a-security-breach.
And you can visit this site (hstpathways.com/security-overview) to learn more about HST Pathways’ commitment to cybersecurity.