The Internet Security Alliance (ISA) in conjunction with the American National Standards Institute (ANSI) have released a new report titled The Financial Impact of Breached Protected Health Information: A Business Case for Enhanced PHI Security.
The report explores the reputational, financial, legal, operational, and clinical repercussions of a protected health information (PHI) breach on an organization, and provides a 5-step method – PHI Value Estimator (PHIve) - to assess specific security risks and build a business case for enhanced PHI security.
This tool estimates the overall potential costs of a data breach to an organization, and provides a methodology for determining an appropriate level of investment needed to strengthen privacy and security programs and reduce the probability of a breach. A detailed example of costing a PHI breach using the PHIve method is provided in the report.
The report also offers information about:
- the stakeholders involved in the health care ecosystem;
- the evolution of laws, rules and regulations designed to protect PHI;
- the causes and increasing number of data breaches;
- the most common threats and vulnerabilities to the security of PHI;
- safeguards and controls that organizations can put in place to mitigate the risk of a breach; and
- current industry practices and attitudes for protecting PHI, based on a survey.
The report is available for download at no cost from ANSI here.
The Internet Security Alliance (ISA) is a unique multi-sector trade association which provides thought leadership and strong public policy advocacy as well as business and technical services to its membership. The ISA represents enterprises from the aviation, banking, communications, defense, education, financial services, insurance, manufacturing, security, and technology industries. ISA’s mission is to integrate advanced technology with the realistic business needs of its members and enlightened public policy to create a sustained system of cyber security. www.isalliance.org
The American National Standards Institute (ANSI) is a private non-profit organization whose mission is to enhance U.S. global competitiveness and the American quality of life by promoting, facilitating, and safeguarding the integrity of the voluntary standards and conformity assessment system. Its membership is comprised of businesses, professional societies and trade associations, standards developers, government agencies, and consumer and labor organizations. http://www.ansi.org