2017 Consumer Survey on Cybersecurity and Digital Trust ... · • In Australia, data were weighted...
Transcript of 2017 Consumer Survey on Cybersecurity and Digital Trust ... · • In Australia, data were weighted...
ACCENTURE 2017 CONSUMER SURVEY ON CYBERSECURITY AND DIGITAL TRUST
US REPORT
OVERVIEW
• Accenture commissioned a seven-country survey of 7,580 consumers ages 18+ to assess their attitudes toward healthcare data, digital trust, roles and responsibilities, data sharing and breaches.
• The online survey included consumers across seven countries: Australia (1,000), Brazil (1,000), England (1,000), Norway (800), Saudi Arabia (850), Singapore (930) and the United States (2,000).
• The seven-country survey was conducted by Nielsen on behalf of Accenture between November 2016 and January 2017. (The US survey was conducted online between and November 15-28, 2016).
• The analysis provided comparisons by country, sector, age and use.
Copyright 2017 Accenture. All rights reserved. 2
METHODWith whom did Accenture work to conduct the quantitative survey?Accenture worked with Nielsen, who was responsible for the entire project including recruitment, screening of respondents, questionnaire development, analysis and report development.
Who was surveyed? 7,580 consumers total, ages 18+, in the US, Australia, Brazil, England, Norway, Saudi Arabia and Singapore who agreed to take part in the survey. This report includes results for US respondents only (2000 consumers, ages 18+).
How did Accenture recruit study participants? In the US, respondents were contacted through direct email invitations and notifications; respondents followed a unique link to the survey and completed it anonymously. Similar methods were used in other countries.
Was the questionnaire translated into the appropriate native language?Yes, the survey was translated into: Portuguese (Brazil); Norwegian (Norway); Arabic (Saudi Arabia). English (localized) was used for England, Australia, Singapore, and Saudi Arabia (English and Arabic options offered).
Are we confident in the quality of the respondents and that they meet the study criteria? All participants are consumers, ages 18+, residing in the countries specified and nationally representative. Participants’ details are double verified and were rescreened for this study to ensure participant quality.
What did we do to ensure balance and a representative sample?Data were weighted to be nationally representative of the general population in each country. • In Australia, data were weighted by age
by sex, education, region, and urbanization
• In Brazil, data were weighted by age by sex, education, region, and income socioeconomic group
• In England, data were weighted by age by sex, education, region, hours online and household composition
• In Norway, data were weighted by age by sex, education, region, household size, marital status, internet use in past 3 months and frequency of internet use
• In Saudi Arabia, data were weighted by age by sex, education, region, and nationality
• In Singapore, data were weighted by age by sex, education, ethnicity, and household size and marital status
• In the US, data were weighted by age by sex, education, race/ethnicity, region, income, size of household, employment status and internet usage per week.
Copyright 2017 Accenture. All rights reserved. 3
RESEARCH RESULTS: KEY FINDINGS
Consumers trust their physicians, pharmacies or hospitals they visit more than the government to keep their digital healthcare data secure.
3%
3%
3%
3%
4%
5%
5%
8%
10%
13%
10%
12%
13%
15%
14%
20%
19%
28%
33%
32%
52%
52%
54%
54%
54%
54%
54%
49%
43%
40%
36%
32%
30%
28%
28%
21%
21%
16%
14%
16%
My physician(s) or other healthcare providers
My pharmacy
Hospitals I visit
My health insurance company
Labs that process my medical tests
Urgent care or walk-in retail clinics I visit
IT support for my physician's office or other medical site
Non-medical staff at my physician's or healthcare provider's office
Tech companies (for wearables/health apps I use)
Government
BASE: ALL QUALIFIED RESPONDENTS (n=2000)Q615 Overall, how much do you trust each of the following people or organizations to keep your digital healthcare information secure?
Not at all Not very much Somewhat A great deal
Degree of Trust in Organizations to Keep Digital Healthcare Data Secure
88%
85%
84%
82%
82%
75%
75%
65%
57%
56%
TOP 2 BOX
Copyright 2017 Accenture. All rights reserved. 5
Copyright 2017 Accenture. All rights reserved. 6
The majority of US consumers have at least some confidence in the digital data security measures taken by their providers and insurers and somewhat fewer by the companies that make health apps or devices; relatively few have high confidence in any of these organizations.
Confidence in Security Measures to Protect Privacy and Security of Health Data
4% 4% 8%16% 18%
28%
58% 57%
46%
22% 22% 17%
Provider Health Insurance Company Health App/Device Company
Very confident Somewhat confidentNot very confidentNot at all confident
BASE: ALL QUALIFIED RESPONDENTS (n=2000)Q525/Q545/Q560 How confident are you that your healthcare providers/health insurance company/health app/device company’s security measures will protect the security and privacy of your digital healthcare data?
80%Top 2 Box
63%79%
One out of four US consumers has experienced a breach of their digital healthcare data. Half of those were a victim of medical identity theft.
88%37%
35%26%26%
12%7%
Fraudulently (net)
Purchase items
Fraudulently bill for care
Fraudulently receive medical care
Fraudulently fill prescriptions
Access or modify my health records
Something else
BASE: ALL QUALIFIED RESPONDENTS (n=2000) Q903 To the best of your knowledge, how many times, if at all, have you experienced a breach of your digital healthcare data? By breach we mean any scenario where your healthcare data might be accessed, viewed, or manipulated by someone who is not authorized to view it.BASE: EXPERIENCED A BREACH (n=463) Q990 Following the breach in your digital healthcare data, were you a victim of medical identity theft (as in, after a data breach, your information was used in a fraudulent way by someone else)? If you were a victim more than once, please answer for the most recent time a breach occurred.BASE: EXPERIENCED MEDICAL ID THEFT (n=212) Q995 You mentioned you were a victim of medical identity theft. How was your identity used? Please select all that apply.Q1000 Did you have to spend money as a result of the theft of your medical identity? BASE: SPENT MONEY DUE TO MEDICAL ID THEFT (n=185) Q1005 How much did you spend as a result of the theft of your medical identity?
Identity was used to…
26% experienced a breach (1 time, 9%; two times,
8%; 3-9 times, 9%)
Of those, 50% were a victim of medical
identity theft
As a result, 88% spent an average
of $2528
Copyright 2017 Accenture. All rights reserved. 7
Copyright 2017 Accenture. All rights reserved. 8
Among those who experienced a breach, one-third said it occurred in a hospital while one-fifth each mentioned an urgent care clinic, pharmacy, physician’s office or health insurance company that was holding their data.
36%22%22%21%21%
15%12%
9%9%
6%5%
Hospital
Urgent care clinic
Pharmacy
Physician's office
Health insurance company
Laboratory
Employer
Retail clinic
A tech/app company
Government
Other
BASE: EXPERIENCED A BREACH (n=463)Q945 You said you experienced a breach of your digital healthcare data. What type of company or organization was holding your data where the breach occurred?
Type of Company Where Breach Occurred
Copyright 2017 Accenture. All rights reserved. 9
Among those who experienced a breach, half found out about it themselves, about half were notified and about one-third learned about it passively.
50%
45%
36%
8%
Error noticed by respondent (Net)
Was notified proactively by entity/government (Net)
Learned about it passively (Net)
Some other way
BASE: EXPERIENCED A BREACH (n=463)Q955 How did you find out about the breach of your digital healthcare data?
How They Found Out About Breach
Among those who experienced a breach, three quarters had some type of medical information breached and half had personal information breached.
74%
31%
28%
23%
17%
10%
49%
31%
31%
7%
Medical Information (Net)
Electronic medical records
Health insurance ID number
Medical record numbers
Data from a health or medical condition tracking app
Biometric identifiers
Personal Information (Net)
Social Security number
Contact information
Other
BASE: EXPERIENCED A BREACH (n=463)Q960 What data were compromised in the breach of your digital healthcare data? Please select all that apply.
Data Compromised in Breach
Copyright 2017 Accenture. All rights reserved. 10
In response to the breach of their healthcare data, nine out of ten took some action to protect their data.
91%
29%
25%
24%
21%
20%
19%
14%
12%
5%
9%
Steps personally took in response to breach (Net)
Changed passwords or other credentials
Changed healthcare providers
Subscribed to identity protection service
Changed health insurance companies
Added additional security software to my computer
Got legal help
Involved the police
Reported it to the organization holding my data
Other
None of these
BASE: EXPERIENCED A BREACH (n=463)Q965 What steps, if any, did you take in response to the breach of your digital healthcare data? Please select all that apply.
Steps Personally Took in Response to Breach
Copyright 2017 Accenture. All rights reserved. 11
In response to the breach, nine out of ten reported that the company holding their data took some action including a third who said they were informed there was a breach.
91%36%
27%26%
24%23%22%
17%16%
9%1%
6%3%
Steps company took in response to breach (Net)
Informed me there was a breach
Explained how they fixed the problem causing breach
Added new security protocols
Explained consequences/potential consequences of breach
Provided identity theft protection
Explained how they would prevent future breaches
Covered/reimbursed me for any expense/damage from breach
Helped me find more security-oriented healthcare provider
Contacted law enforcement
Other
Not sure
Did not take any steps
BASE: EXPERIENCED A BREACH (n=463)Q970 What steps did the company holding your digital healthcare data take in response to the data breach? Please select all that apply.
Steps Company Took in Response to Breach
Copyright 2017 Accenture. All rights reserved. 12
Three-quarters felt the breach was handled very or somewhat well.
25%
51%
18%
6%
BASE: EXPERIENCED A BREACH (n=463)Q975 In your opinion how well was the breach handled overall?
How Well Breach was Handled
Copyright 2017 Accenture. All rights reserved. 13
TOP 2 BOX76%
Not well at all
Not very well
Somewhat well
Very well
The consequence of the breach varied with 41% gaining trust in the organization, 24% reporting no change in their trust and 34% losing trust.
12%
29%
24%
21%
13%How Breach Impacted Trust of Company
BOTTOM 2 BOX34%
BASE: EXPERIENCED A BREACH (n=463)Q985 How did the data breach impact your trust of the organization holding your digital healthcare data when the data breach happened? Do you trust them…?
Copyright 2017 Accenture. All rights reserved. 14
Much less
A little less
About as much as before
A little more
Much moreTOP 2 BOX41%