Cyber attacks will cost US health systems US$305 billion in cumulative lifetime revenue over the next five years, according to a new Accenture report.
Accenture’s The $300 Billion Attack: The Revenue Risk and Human Impact of Healthcare Provider Cyber Security Inaction report predicts that one in 13 patients – roughly 25 million people – will have personal information stolen from healthcare systems by 2020. This includes social security data and financial records.
“What most health systems don’t realise is that many patients will suffer personal financial loss as a result of cyber attacks on medical information,” said Kaveh Safavi, managing director of Accenture’s global healthcare business. “If healthcare providers are complacent to safeguarding personal information, they’ll risk losing substantial revenues and patients as a result of medical identity theft.”
Nearly 1.6 million people had their medical information stolen from healthcare providers last year, according to the US Department of Health and Human Services Office for Civil Rights. Unlike credit card identity theft, where the card provider generally has a legal responsibility for account holders’ losses above US$50, victims of medical identity theft often have no automatic right to recover their losses.
Accenture estimates that 25% of the patients who are likely to be affected by healthcare provider data breaches by 2020 – around six million people – will subsequently become victims of medical identity theft. One in six of the affected patients will end up losing personal financial funds as costs for the breaches are expected to total almost US$56 billion over the same time period.
The report indicated that healthcare providers who proactively address cyber security could reduce the risk of attacks by an average of 53%. However, there is a significant gap in how well prepared they are to deal with these attacks.
Share this story