The actionable report - which provides health care organizations with a method to assess security risks and build a business case to better secure protected health information (PHI) - has been downloaded by more than 2,300 users since its March 5 release.
The publication explores the reputational, financial, legal, operational, and clinical repercussions of a PHI breach on an organization, and provides PHIve (PHI Value Estimator) - a 5-step method to estimate the overall potential costs of a data breach to an organization. With this tool, health care organizations can determine an appropriate level of investment needed to strengthen privacy and security programs and reduce the probability of a breach.
The Financial Impact of Breached Protected Health Information also offers information about:
The report was released on March 5, 2012, at a news conference at the National Press Club where White House Cybersecurity Coordinator Howard Schmidt spoke, followed by a Congressional briefing which included remarks by Joy Pritts, Chief Privacy Officer in the Office of the National Coordinator for Health IT at the U.S. Department of Health and Human Services.
The webinar was hosted by the publishers and founding partners of the "PHI Project" - a collaboration of the American National Standards Institute (ANSI), The Santa Fe Group/Shared Assessments Program Healthcare Working Group, and the Internet Security Alliance (ISA). In total, the PHI Project brought together a cross-section of more than 100 health care industry leaders from more than 70 organizations, including health care providers, payers and insurers, other health care services organizations, data breach prevention and recovery firms, legal experts on privacy and security, and others, providing a range of perspectives.