The Financial Impact of Breached Protected Health Information: A Business Case for Enhanced PHI Security explores the reputational, financial, legal, operational, and clinical repercussions of a protected health information (PHI) breach on an organization, and provides a 5-step method, the PHI Value Estimator (PHIve), to assess specific security risks and build a business case for enhanced PHI security. This tool estimates the overall potential costs of a data breach to an organization, and provides a methodology for determining an appropriate level of investment needed to strengthen privacy and security programs and reduce the probability of a breach. A detailed example of costing a PHI breach using the PHIve method is provided.
The Financial Impact of Breached Protected Health Information: A Business Case for Enhanced PHI Security also offers information about:
- the stakeholders involved in the health care ecosystem;
- the evolution of laws, rules and regulations designed to protect PHI;
- the causes and increasing number of data breaches;
- the most common threats and vulnerabilities to the security of PHI;
- safeguards and controls that organizations can put in place to mitigate the risk of a breach; and
- current industry practices and attitudes for protecting PHI, based on a survey.