5 Steps To Estimate Potential Costs Of A Data Breach

March 5, 2012

By  Kathleen Roney

The American National Standards Institute, The Santa Fe Group/Shared Assessments Program Healthcare Working Group and the Internet Security Alliance have announced a collaborative report which provides information for healthcare organizations to better understand and limit data breach risks and liabilities.

To view the original article please click here.

According to the report, healthcare organizations can take immediate action against data breach risks using the Protected Health Information Value Estimator, a five-step method for assessing security risks. The five steps include:

1. Conduct a risk assessment: assess the risks, vulnerabilities and applicable safeguards for each “protected health information home;”
2. Determine a security readiness score for each PHI home by determining the likelihood of a data breach based on the security readiness score;
3. For each PHI home, examine the relevance, either applicability or likelihood, of a particular cost and apple a relevance factor;
4. Determine the impact by multiplying the relevance by the consequence;
5. Add up all adjusted costs to determine the total adjusted costs of a data breach to the organization.

For more information and to download a free copy of the report, click here.