Avoiding the inevitable does not make it go away.
Healthcare patients choose a provider based on the quality of care. In addition to that, the public will generally assume that their private information is safeguarded and not something that they need to verify or investigate before choosing that specific provider. By alerting them to something they assumed to be a non-issue, it is understandable to be concerned about the loss of business.
However, credit reporting agency Experian has recently found that this churn can be kept to a minimum with the proper response plan.
In July 2019, Experian surveyed 1,000 adults in the United States and found that 90% of those surveyed would be somewhat forgiving if they were informed promptly as a result of an organized communication plan being in place by their provider. Previous studies by Experian identify numbers that are more of a red flag to all parties.
It is in these studies that they found that only 34% of all breached response plans include some form of customer notification and that those plans are in place for only 52% of companies. So, the few that are ideally prepared have a greater chance of survival, and those who aren’t prepared have a full stack of odds against them.
How Can the Risks Be Lowered?
Have a breach response plan in place. This should be created by someone who knows their way around a breach and is ideally certified to assist with creating such a plan. Additionally, have cyber insurance as part of your in-place plan. This will allow you to call upon experts in the event that a (very likely) breach does occur. And as we identified above, ensure that your breach plan includes client communication.
Even if you don’t have all of the answers immediately, letting them know that you are aware of the breach and will keep them updated will go a long way. This increases the trust between you and your patients and makes it more likely that they will stay with your business following an incident.
66% of those surveyed would leave a practice due to slow or poor communication – don’t let this happen to your organization. It is better to be truthful up front than have to explain why you were dishonest in the past. People can accept mistakes, but they are less likely to accept being deceived.
This article was originally published on HIPAA Secure Now! .
Author: Art Gross