Dedicated to providing the latest
HIPAA compliance news

Trust can be Regained with Prompt Data Breach Notices

Share this article on:

Disgruntled patients will be lost to other healthcare providers/insurers after a data breach; however there will not necessarily be a mass exodus provided the breach is managed properly. Get the breach response right and it can go a long way towards rebuilding patients’ trust in an organization.

Survey Indicates Americans Want the Truth about Data Breaches

 

A new survey conducted by Qualtrics, a company specializing in email data protection, indicates the general public is aware that data breaches are now a part of life; however trust in a retailer or healthcare provider is being lost after personal data is exposed. Trust in a HIPAA-covered entity may be lost, but it can be regained. The survey results suggest the best way to do this is with openness, honesty and the issuing of prompt data breach notices.

The study was conducted on a sample of 500 Americans aged between 18 and 75, with respondents asked their thoughts about data breaches and how their behavior has changed since the threat of a data breach has risen.

The data shows Americans want to be told the truth about data breaches. If a HIPAA-covered entity or retailer exposes data – through negligence or by accident – the public wants to know, and quickly. 84% of respondents believe a company suffering a data breach should “notify them [breach victims] right away and provide a high level of contact.”

Customers Want to Know a Company’s Data Breach History

 

The size of a data breach should have no bearing on the breach response according to the survey results. 92% of respondents said that all individuals whose data is stored by a company should be notified if a breach occurs, regardless of whether that person has been personally affected.

It would not be practical or cost effective to issue breach notifications to all individuals after every potential breach; but the survey shows that is the expected response. Americans want to know about data breaches – even if they are not personally affected – as the security record of a healthcare provider or retailer is important to them.

Furthermore, the public is staying abreast of data breaches and many people are taking an interest in the efforts companies are making to keep data secure. 70% of respondents said they keep up to data with data breach news, although only 51% said that they were knowledgeable about data security issues.

Opinion Divided on Where Responsibility for a Data Breach Lies

 

The public is divided over who should accept responsibility for a data breach. 48% of respondents believed the company suffering a data breach should take responsibility for it, and that the blame should lie with the IT department.

The survey was focused on the retail sector and indicates consumers are changing their shopping habits as a result of data breaches. 37% of individuals that have yet to become a victim of a data breach have already taken action and started shopping at stores they deem to be safer. 48% of individuals said they believed all retailers were vulnerable, and consequently there was no need to change their habits.

Whether the same feelings are felt when a healthcare provider exposes Social Security numbers and private healthcare data is another matter.

Author: HIPAA Journal

HIPAA Journal provides the most comprehensive coverage of HIPAA news anywhere online, in addition to independent advice about HIPAA compliance and the best practices to adopt to avoid data breaches, HIPAA violations and regulatory fines.

Share This Post On