Health execs' confidence on security belies sad state of industry breaches

• This is an excerpt from a story delivered exclusively to Business Insider Intelligence Digital Health Pro subscribers.
• To receive the full story plus other insights each morning, click here.

Healthcare professionals express a strong level of confidence when it comes to managing sensitive heath data: 70% of healthcare professionals are "very" or "extremely" confident in their knowledge of where their firm's data resides, according to a new Integris survey of execs and IT decision makers at 46 mid- to large-sized US healthcare organizations.

And while they're highly confident in data management, 60% of healthcare leaders - who are bound to more data-sharing agreements than pros from other industries - are only "somewhat confident" or "not so confident" their external partners' use of data is in compliance with their sharing agreements.

Here's what it means: Healthcare leaders' heightened confidence in data management comes as a surprise amid a growing cybersecurity crisis.

Data breaches racked the healthcare industry at a record rate in 2018, and 2019 is shaping up to keep pace.A total of 365 data breaches flooded the US healthcare industry in 2018, and health firms poured out more cash than ever in response: The cost of healthcare breaches globally rose to $408 per affected health record, up 7% from $380 in 2017.

And the issue is becoming more grave: We saw the two highest number of breaches since the HHS started keeping track in 2010 crop up in April and May of this year, and a grand total of 188 data breaches slammed the healthcare industry from January to May, per Modern Healthcare. I (Zoë) think healthcare leaders are overconfident in their ability to manage sensitive data since they're facing data breaches at alarming new rates.

The bigger picture: We think data breaches will inundate the healthcare industry at a higher rate than last year in 2019 and continue to spike in the coming years.

• Health firms depend on third-party vendors that are vulnerable targets for hackers. Health firms outsource tasks like billing, data management, and legal duties as a means of cutting costs, but as sensitive information is handed off, it's more likely to be compromised. Two of the US' largest clinical labs - Quest Diagnostics and LabCorp - were embroiled in 2019's largest healthcare breach earlier this month, exposing data of 20 million US customers. Despite the underlying issues with outsourcing, 80%of hospital execs considered outsourcing full revenue cycle management by 2019, according to a 2018 Black Book survey cited in Becker's Hospital Review.
• Health organizations' robust privacy management funding efforts aren't cutting it.Health firms pumped more funds into data privacy management than any other industry in 2018: Nearly half of the healthcare leaders surveyed spent between $100,000 and $500,000 on privacy efforts, compared with the 32% of respondents from other industries who spent the same. And 86% of healthcare professionals are planning on bulking up those budgets in 2019. We've covered health firms skimping on cybersecurity funding as a reason breaches abound, but funneling more funding into data privacy management likely won't do much to curb future breaches since increases in security funding haven't kept up with threats.

Interested in getting the full story? Here are two ways to get access:

1. Sign up for Digital Health Pro, Business Insider Intelligence's expert product suite keeping you up-to-date on the people, technologies, trends, and companies shaping the future of healthcare, delivered to your inbox 6x a week. >> Get Started

2. Subscribe to a Premium pass to Business Insider Intelligence and gain immediate access to Digital Health Pro, plus more than 250 other expertly researched reports. As an added bonus, you'll also gain access to all future reports and daily newsletters to ensure you stay ahead of the curve and benefit personally and professionally. >> Learn More Now