IBM study shows data breaches are 65% more costly in healthcare than any other industry

According to the 2019 edition of IBM Security and Ponemon Institute’s annual Cost of a Data Breach Report, data breaches cost the healthcare sector an average of 65% more per record than they cost any other industry.

The study, which examines the financial impact of data breaches on organizations across the world, gathered data by interviewing 500 organizations across 17 countries who experienced a data breach in the last year. It determined costs by examining hundreds of cost factors, such as legal, regulatory, and technical activities as well as loss of brand equity, customer turnover, and the drain on employee productivity.

The study showed that the average total cost of a data breach in the healthcare industry was $6.45 million, or $429 per record. The finance industry experienced the second highest average total cost of a data breach at $5.86 million, or $210 per record.  Meanwhile, the global average total cost of a data breach was $3.92 million in 2019, an increase from an average total cost of $3.86 million in 2018.

The report’s authors noted that the data for the healthcare industry may be slightly skewed because all healthcare companies in the study were located in the U.S., which has the highest per-record cost of data breaches globally ($242 per record in the U.S. compared to $150 per record globally). In other countries, healthcare is classified as a public sector organization and therefore is not separated as a different industry the way it is in the U.S.