A recent study conducted by the Ponemon Institute estimates that poor privacy practices and the accompanying data breaches cost hospitals about $6 billion each year.

Based upon interviews with 65 health care organizations, this break down in efficiency results from a facility’s failure to encrypt, loss or theft of devices, and disposal of unshredded documents. The study was sponsored by ID Experts, which sells services to protect against and respond to data breaches. Some other findings included:

• A full 60% of the organizations included in the study had more than two data breaches over the previous two years, at a cost of $2 million per organization.
• The average breach involved 1,769 lost or stolen records.
• Senior personnel at the organizations surveyed felt unprepared to prevent or quickly detect breaches. Some 58% of the organizations “have little or no confidence” in the ability of their organization to detect all patient data loss or theft.
• Patients were the first to detect data breaches, report 41% of the organizations.
• Most of the respondents have either put in place an electronic medical records system or are in the process of doing so. And 74% of those with an EHR system say it has made data more secure. Another 12% said the system made no difference in security, 10% say it made data less secure and 4% were unsure.[audio:http://hospitalstay.com/wp-content/uploads/2010/11/05-Been-Caught-Stealing-1.mp3|titles=Been Caught Stealing]

Additional Source:  The Wall Street Journal Health Blog