Lack of Cybersecurity Could Cost Healthcare Providers $305 Billion
Over the next five years, cyberattacks will cost U.S. healthcare providers $305 billion in cumulative lifetime revenue, according to a recent report by Accenture.
Accenture discovered that nearly 25 million people (1 in 13 patients) will have Social Security, financial, and other information stolen from healthcare provider technology systems over the next five years.
Not only will patients suffer financial losses, healthcare institutions will as well.
“If healthcare providers are complacent to safeguarding personal information, they’ll risk losing substantial revenues and patients as a result of medical identity theft,” said Kaveh Safavi, M.D., J.D., managing director of Accenture’s global healthcare business.
According to the U.S. Department of Health and Human Services Office for Civil Rights, nearly 1.6 million people had medical information stolen from healthcare providers last year. With credit card identity theft, consumers have recourse, as the card provider has legal responsibility to cover any financial loss over $50. However, victims of medical identity theft have no immediate or legal right to recover losses.
Accenture, a global management consulting, technology services and outsourcing company that operates in 120 countries, estimates that 25% of patients who are affected by data breaches (six million people) will become victims of medical identity theft over the next five years. Of those, four million people will end up paying out-of-pockets costs of almost $56 billion.
To control these breaches, Accenture said healthcare providers need to proactively improve their cybersecurity system, as this can thwart attacks by an average of 53%. However, there is a gap in the medical community between stopping attacks and handling attacks once the occur.
For the study, Accenture used security breach data from the U.S. Department of Health and Human Services and theft information from the Ponemon Institute to calculate the number of patients that could become the victims of medical identity theft. With this data, they were able to quantify the patient and healthcare provider costs of these breaches.