How Data Breaches Affect Hospitals

Throughout their shifts, nurses collect and access information using electronic devices such as computers, laptops, tablets and smartphones. Without the proper security precautions, this information may be exposed to cybercriminals. Data breaches can be costly and generate long lasting repercussions for both healthcare organizations and patients.

Because nurses spend more time with patients and patient data than other providers, it’s crucial they understand how to protect that data. Nurses interested in data management and cybersecurity may want to consider earning a Master of Science (MSN) in Nursing Informatics.

Why Do Cybercriminals Target Healthcare?

Healthcare organizations gather and store vast amounts of personal information, which makes them attractive targets for cybercriminals. Stolen information may be sold on the dark web, for example, for significant amounts of money. Buyers may use it to commit identity theft and insurance fraud or to purchase medical services, equipment and prescription medications.

Medical records are coveted by thieves because they provide information of a more permanent nature. A person can close bank accounts, cancel credit cards and change passwords to restrict access to financial information. But a patient’s name, address information, phone number, social security number and medical history hold the keys for cybercriminals to commit identity theft and insurance fraud, for instance.

How Often Do Hospital Breaches Happen?

The Ponemon Institute’s 2016 report, Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data, states that data breaches happen regularly in healthcare. The study included 91 healthcare organizations. The research results showed that almost 90% of the healthcare organizations had a data breach within two years of the study and 45% had more than five during the same time period. The majority of the breaches consisted of fewer than 500 records.

Why Do Data Breaches Occur?

Many common risk factors contribute to data breaches. The Ponemon Institute lists these reasons for the increase in breaches:

  • Lack of resources for a proactive approach to data security
  • Employee negligence
  • Outdated systems
  • Infrequent vulnerability testing
  • Inadequate data protection
  • Stolen laptops
  • Infected USB drives

What Damage Do Data Breaches Cause?

The damage caused by hospital data breaches can negatively affect patients and their healthcare organizations.

The loss or alteration of medical records can jeopardize a patient’s health. Without health history data, nurses may even have difficulty delivering proper care.

When electronic health records (EHRs) and other hospital systems are hacked, a hospital may face substantial penalties for violations of the Health Insurance Portability and Accountability Act (HIPAA). Additionally, healthcare organizations may lose patients to other facilities, and the damage to their reputation can be difficult to undo.

What Is the Cost of Breaches in Healthcare?

Healthcare is the hardest hit industry with the highest average cost for data breaches. At $6.45 million per episode, data breaches cost 65% more in healthcare than in other industries, according to IBM Security. The cost per lost record was $429. It can take healthcare organizations years to recover from a breach.

What Can Hospitals Do to Prevent a Breach?

Hospitals can prevent breaches by implementing security protocols for inputting, storing and retrieving information. Other steps healthcare organizations can take include:

  • Educating patients and employees about cybersecurity to reduce the risk of unauthorized entry
  • Encrypting data so information cannot be downloaded
  • Creating incident response plans to identify, shut down and handle data breaches
  • Implementing password protection policies that include frequent changes, safe storage and no sharing
  • Utilizing cloud-based systems, which provide a backup of records

Nurses need to ensure that patient data is protected. Not only is the theft of health information a serious matter, but many medical devices contain embedded computer systems that can be attacked; devices that are hacked may even be used to harm patients. The dangers of data breaches are not only costly but also life-threatening.

MSN in Nursing Informatics programs prepare nurses to be experts in healthcare data management. Such programs enable nurses to gain specialized knowledge in healthcare technology and information systems so they can support the nursing practice, reduce errors, cut costs and improve patient outcomes.

Learn more about Northeastern State University’s online MSN in Nursing Informatics program.


Healthcare Innovation: Report: For 9th Straight Year, Healthcare Organizations Hit Hardest From Data Breaches

Forbes: Why Cyber-Criminals Are Attacking Healthcare — And How to Stop Them

HealthWorks Collective: Healthcare Data Breaches: What Are the Risks?

FierceHealthcare: Healthcare Data Breaches Cost an Average $6.5M: Report

Healthcare IT News: Data Breach Costs Continue to Rise Across Healthcare Industry

American Nurse Today: Cybersecurity and Healthcare Records

American Hospital Association: The Importance of Cybersecurity in Protecting Patient Safety

IBM Security: How Much Would a Data Breach Cost Your Business?

Ponemon: Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data What Is Nursing Informatics?

Related Articles

Have a question or concern about this article? Please contact us.

Our Commitment to Content Publishing Accuracy

Articles that appear on this website are for information purposes only. The nature of the information in all of the articles is intended to provide accurate and authoritative information in regard to the subject matter covered.

The information contained within this site has been sourced and presented with reasonable care. If there are errors, please contact us by completing the form below.

Timeliness: Note that most articles published on this website remain on the website indefinitely. Only those articles that have been published within the most recent months may be considered timely. We do not remove articles regardless of the date of publication, as many, but not all, of our earlier articles may still have important relevance to some of our visitors. Use appropriate caution in acting on the information of any article.

Report inaccurate article content:


Submit this form, and an Enrollment Specialist will contact you to answer any questions.

Or call 844-351-6656

Dots graphic

Ready to Get Started?

Start your application today!

OR CALL 844-351-6656 844-351-6656

for help with any questions you have.

Dots graphic