Data breach costs hit $4 million, are most expensive, Ponemon finds

The average global cost of data breach per every lost or stolen record is $158. Healthcare organizations, however, had an average cost of $355 per record, according to the new survey conducted by Ponemon.

In healthcare incident response plans, appointment of a CISO, employee training, awareness programs, and a business continuity management strategy result in cost savings, according to the Ponemon report, sponsored by IBM. And like other regulated industries, such as financial services, also include fines that drive the price higher.

Ponemon's 2016 Cost of Data Breach Study: Global Analysis reveals the average total cost of a data breach for the 383 companies participating in the research increased from $3.79 million to $4 million.

[Also: Healthcare cybersecurity must be proactive not reactive, expert says]

The average cost paid for each lost or stolen record containing sensitive and confidential information increased from $154 in 2015 to $158 in this year's study.

That said, the cost of a data breach has not fluctuated significantly, according to Ponemon, but the biggest cost is lost business.

Hackers and criminal insiders caused the most data breaches overall. Forty-eight percent of all breaches in this year's study were caused by malicious or criminal attacks.

[Also: Cybersecurity insurance, business agreements among major healthcare privacy pitfalls]

Ponemon also recommend that healthcare organizations recognize that undetected breaches can be more costly and that deploying encryption and endpoint security can help prevent breaches.

According to this year's findings, organizations in Brazil and South Africa are most likely to have a material data breach involving 10,000 or more records, while entities in Germany and Australia are least likely to experience a material data breach.

This article first appeared in HealthcareIT News.

Twitter: @Bernie_HITN