The healthcare industry stands to lose $305 billion in cumulative lifetime revenue due to cyberattacks that will take place during the next five years, according to a report from Accenture.
It estimates that 1 in 13 patients--roughly 25 million people--will have personal information stolen from technology systems by 2020.
"If healthcare providers are complacent to safeguarding personal information, they'll risk losing substantial revenues and patients as a result of medical identity theft," Kaveh Safavi, M.D., managing director of Accenture's global healthcare business, said in an announcement.
Almost half of patients who participated in a Ponemon Institute survey said they would switch providers if their medical records were stolen. Taking that into account, Accenture estimates that each provider organization lost an average of $113 million of lifetime patient revenue for each data breach it suffered in 2014.
It advocates a risk-based approach to cybersecurity management, using analytics to detect events and threats, as well as a more rapid response to incidents. Moving to active-defense strategies can improve cybersecurity effectiveness by an average of 53 percent over two years, the company said. And cybersecurity has to start at the top.
Among Accenture's recommendations:
- Assess security capability. Determine where the organization stands and the resources required to support meaningful improvement.
- Manage complexity and integrate the enterprise. Establish an end-to-end security program and integrate it with existing enterprise-architecture processes.
A company's financial loss from a data breach has jumped to $3.8 million, up 23 percent from 2013, according to the Ponemon Institute.
And despite the high stakes, 75 percent of corporate boards are not involved in cybersecurity oversight, AT&T reported recently.