Our guest blogger this week is Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute.

Our latest study, Aftermath of a Data Breach Study, was conducted to better understand how a data breach affects organizations over the long term. In this study, IT professionals weigh in on how their organizations dealt with a data breach that had both serious financial and reputational consequences. While we asked respondents to focus on just one breach, 85 percent say that their organizations had more than one breach involving customer/consumer data in the past 24 months. It is interesting to note that in many cases it took a serious data breach to make privacy and data protection a greater priority and allocate additional resources to the IT security function.

While many respondents were unable to determine the root cause of the data breach, there is a consensus among respondents that insider negligence is making their organizations vulnerable to a data breach. As a result, organizations are investing in training and awareness and technologies that minimize the human factor risk.

The findings also show the concern organizations have about losing the loyalty of their customers. Of the IT practitioners surveyed, few felt that prompt notification to victims was enough to reduce the negative consequences of the data breach. This suggests that compliance with data breach notifications laws in and of itself is not sufficient if an organization is concerned about customer loyalty and reputation. Other lessons learned from the data breach are to limit the amount of personal data collected, limit sharing with third parties and limit the amount of personal data stored. We invite you to read the full report here.

Our guest blogger this week is Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute.

Join us on Tuesday, April 26th for a live webinar with Dr. Larry Ponemon presenting Medical Identity Theft Trends: The Importance of Securing Healthcare Data.

What are some of the dire consequences of medical identity theft? It could be the shock of receiving a collection letter requesting immediate payment for an expensive medical procedure you never had. Or, it might result in a mistake on your healthcare record that could threaten insurance coverage or worse yet cause you to receive the wrong medical treatment.

According to Ponemon Institute’s Second Annual Survey on Medical Identity Theft, we estimate that more than 1.49 million Americans have been targeted by this crime. With an average cost per victim of $20,663 the total national economic impact of medical identity theft crimes is more than $30 billion.

Why is medical identity theft on the rise? First, we found that consumers lack awareness about this crime, which could make them more complacent and more vulnerable. Second, medical identity theft is often a family affair. More than one-third of victims in our study say that it was a family member who took their personal identification credentials. Finally, the victims tend to be older with a greater likelihood of having Medicare and other Social Security benefits. They also may not be as savvy about the need to protect their medical identity.

Consumers can minimize their risk by safeguarding their medical credentials and making sure they provide sensitive information only to appropriate healthcare organizations that take the security of health records seriously. Consumers also should monitor health records and credit reports to make sure that if their identity is stolen the incident can be resolved as soon as possible. In turn, organizations have a responsibility to protect patients’ records from being lost or stolen and to inform consumers of the need to safeguard their medical credentials. Taking such steps is critical to reducing this billion-dollar crime.