CUPERTINO, CA – Healthcare organizations that are victimized by theft or loss of data are more likely to be hit by financial losses from declines in reputation and additional expenses, compared with other industries.
While healthcare organizations may not experience declines in revenue or losses in customers, they are likely to bear other expenses from such incidents, said Jim Hurley, managing director of the IT Policy Compliance Group and senior research manager for the Symantec Corp.
The IT Policy Compliance Group recently released data indicating estimates on both the likelihood of data loss and the estimated costs for ameliorating such incidents.
Taking action to protect sensitive data while improving compliance will result in significant financial return and concurrently enable rellocation of staff to more critical projects, researchers concluded.
The group’s research, covering 250 to 350 organizations each quarter, found that larger organizations are more likely to feel a greater financial impact from data losses. Hurley said about 6 percent to 7 percent of the group’s sample involves healthcare organizations.
The group estimates that expenses per lost customer record range from $137 per record for large enterprises with revenues of $1 billion or more to $60 per record for small businesses with less than $50 million in revenue.
Organizations with poor data protection practices, on average, could experience a loss or theft of sensitive data every three years, compared with a loss or theft every 42 years for organizations that apply the most stringent protection efforts, Hurley estimated.