As we all know, massive data breaches have become far too common in recent times. Of course, healthcare execs are aware of how this looks to the public, and are taking steps to keep members of the public from getting too concerned.
According to a study published early this year, one way hospitals are fending off damage to their reputation is advertising, with data breaches associated with a 64% increase in annual advertising spending. They also engage in crisis management strategies such as reassuring consumers that they’re taking all of the proper steps to prevent the problem from happening again and offering credit monitoring to those affected by breaches.
Perhaps a result of these efforts, consumers still trust healthcare organizations to keep their personal information secure more than they do other industries. A new study by Politico and the Harvard T.H. Chan School of Public Health found that 34% of respondents reported having “a great deal” of trust in their doctor’s office to keep their personal information secure, which beats even their trust in their primary bank. Twenty-four percent had a similar level of trust in the hospitals they use, followed by just 17% with high trust in health insurance companies.
On the other hand, those statistics aren’t exactly reassuring either, as the bulk of consumers are worried that their health data is vulnerable. For example, 59% of patients who use patient portals reported that they were either very or somewhat concerned that unauthorized people may be able to gain access to their personal health data stored there.
Given that healthcare is becoming more data-driven by the day, providers can ill afford to let patient trust in how we protect such data fall further. The time is now to prevent patient trust in our data stewardship from slipping any further.
For the near future, it’s likely that all we can do is make a point of reassuring patients that we’re taking the right steps to protect their data. Tactics, such as offering free credit monitoring services and maintaining clear, prompt communication with the public post-breach are important too. But these are efforts are just damage control.
Ultimately, we’ve got to get much better at actually preventing breaches from happening in the first place. Yes, this calls for some big investments in specialized technology, smart IT recruiting, staff training and up-to-date security procedures, but there’s no excuse for procrastinating on this. After all, If consumers lose confidence in our ability to keep their health data private, eventually they’re going to walk away.