Data breaches are up—and they're costing healthcare providers millions

Data breaches are major operational disruptors that cost companies millions of dollars—and healthcare ends up getting hit the hardest. 

In 2018, the average cost of a data breach is $3.86 million, a 6.4 percent increase from 2017, according to IBM Security and Ponemon Institute’s “2018 Cost of Data Breach Study: Global Overview.”

IBM conducted more than 2,200 interviews with IT, data, protection and compliance professionals from 477 companies in 15 countries to compile its report.

The average cost per lost or stolen record is $148 across all industries. Within healthcare, the cost is $408 per record–almost twice as much as the next highest industry, financial.

“Heavily regulated industries such as healthcare and financial organizations have a per capita data breach cost substantially higher than the overall mean,” the report read.

In a separate analysis, the cost of megabreaches—ranging from one million to 50 million compromised records—varied from $39.5 million to $350 million.

The overall cost of a data breach depends on several factors, including the size or number of records lost or stolen, the time it takes to identify and contain a breach, loss of customers after the breach and effective management of the costs.

Breaches tend to cost more when companies lose more customers in the aftermath, according to the report. The healthcare industry is also more likely to experience customer churn than any other industry, with churn rates nearly double the overall average across industries. Customers may have high expectations for data protection in a highly regulated industry like healthcare and will find an alternative if a company loses their trust, according to the report.