Would You Ditch Your Health Care Provider If They Lost Your Data?

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://blog.credit.com/2015/03/would-you-ditch-your-health-care-provider-if-they-lost-your-data-112486/

Consumers don’t have a lot of patience for data breaches. If a cyberattack
compromises their information, consumers want the affected company to
notify them quickly and protect them from fraud. Though even if that
happens, it may not be reassuring enough for someone who feels their
privacy has been violated.

A new survey from TransUnion Healthcare asked recent health care recipients
to describe what they would do if their health care provider experienced a
data breach. The results could indicate a grim future for any health
services company that gets breached.

More than half of recent patients surveyed said they would switch health
care providers if their data was breached, and 65% said they would avoid a
health care provider that had experienced a breach. TransUnion Healthcare
conducted the survey of 1,228 U.S. patients who received medical care at a
hospital, clinic or doctor’s office in the past two years. The survey was
conducted in Feb. 2014.

Whether people would actually leave their doctor or avoid a certain
hospital because of a data breach can’t be predicted, but even if a portion
of people follow through on their intention to avoid health care providers
that have been breached, such an event could seriously damage those
businesses.

Data breaches present quite the customer-service challenge, because
patients want a lot from a company and may still decide to leave. Here’s
what the TransUnion survey discovered about patient expectations:

46% expect a response or notification within one day of the breach
31% of consumers expect to receive a response or notification within one to
three days
72% expect providers to offer at least one year of free credit monitoring
59% of consumers expect a dedicated phone hotline for questions
55% expect a dedicated website with additional details

Depending on the information compromised in a data breach, identity thieves
may be able to do some serious damage to those caught up in it, so it makes
sense consumers would want swift action from an affected company. The
reality is there’s no single way to best prevent identity theft or fraud
after a breach, because there are so many things that could happen,
including credit fraud, medical identity theft and criminal identity theft
(when someone uses your ID to commit crimes).

The best thing you can do as a consumer is keep a close eye on your account
activities and credit reports (you can also get a free summary of your
credit report every month on Credit.com to monitor for changes), and as
soon as you see a sign of identity theft, investigate it and file a police
report if necessary.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!