Reading Time: 3 minutesMarch 14, 2012 – Clearwater Compliance, a prominent HIPAA-HITECH compliance consultancy and software provider, announced today another upcoming free webinar entitled “How to Calculate the Cost of a Data Breach and What to Do About It.” Based on the new report recently published by ANSI and co-sponsored by Clearwater entitled “The Financial Impact of Breached Protected Health Information: A Business Case for Enhanced PHI Security”, the webinar will cover the methodology that an organization can use to calculate, specifically for itself, the estimated cost of a breach and how to use that information to build a solid rationale for an investment in strengthening their compliance program.
“The report highlights that breaches are occurring more frequently and involve more records,” said Mary Chaput, CFO and compliance officer for Clearwater Compliance. “Yet, the survey of over 100 industry participants conducted by the PHI Project found that the most significant impediment to achieving a strong privacy and data security posture is the lack of funding.”
Securing budget dollars to implement security enhancements is difficult in the best of times, and is especially tough in these tight economic times. The problem most organizations face today is justifying investments in privacy and security programs on the basis of “average breach cost” estimated in various white papers, which detail neither how the costs were developed nor allow for the possibility that some costs may not be relevant to every organization.
“It all comes down to money for an organization, multiple priorities vying for the same investment dollars,” Ms Chaput continued. “If healthcare industry leaders really understood the repercussions and costs resulting from a PHI breach, as well as the competitive advantages that increased security and HIPAA compliance could bring to their organizations, the return on investment in strengthening their compliance programs would be far more compelling.”
Business leaders and managers with responsibility for risk management or corporate compliance and HIPAA-HITECH Privacy and Security compliance officials who attend this 60-minute webinar will learn from industry experts how to assess specific security risks to their organization and build a strong business case for enhanced PHI security. The webinar will cover PHIve (PHI Value Estimator) – a 5-step method to estimate the overall potential costs of a data breach specific to an organization and how to use this information to calculate an ROI on initiatives that strengthen privacy and security programs and reduce the probability or impact of a breach. Additionally, the fundamentals of completing a HIPAA Security Risk Analysis, required of all Covered Entities and Business Associates, will be discussed.
“This important ANSI Report and timely webinar underscore the need for organizations to operationalize their risk management and compliance programs,” added Bob Chaput, CEO & Founder of Clearwater Compliance, “whether a covered entity or business associate or subcontractor, they will benefit from this webinar.”
Attendees will learn about the growing number of entities in the health care ecosystem that are responsible for protecting PHI; the evolution of the regulations, rules and laws; recent data breach information, who, what and how; information regarding inherent threats to PHI, vulnerabilities and safeguards; recent survey results on how the protectors of PHI feel about their ability to secure data; and the methodology for assessing risk in your organization and tools to help cost-justify more investment in security based on the potential risks and liabilities resulting from data breaches.
Mr. Chaput concluded, “Clearwater Compliance has helped health care covered entities and business associates of all sizes across the US strengthen their compliance programs through education programs, software and services. We are looking forward to sharing the learnings we gleaned from participating in the development of this report to those who can most benefit from it.”
The ANSI PHI Report may be downloaded at: webstore.ANSI.org/PHI/