The impact of healthcare cybersecurity on ENGLISH consumers · The impact of healthcare...
Transcript of The impact of healthcare cybersecurity on ENGLISH consumers · The impact of healthcare...
The impact of healthcare cybersecurity on ENGLISH consumersAccenture 2017 Consumer Survey on Healthcare Cybersecurity and Digital Trust
Source: Accenture 2017 Consumer Survey on Healthcare Cybersecurity and Digital Trust
22
English consumers trust healthcare organisations to protect their digital data—and almost all take action if it is breached.According to an Accenture survey, healthcare consumers believe that healthcare providers are taking measures to protect patients’ digital healthcare data, yet four in every five English consumers are worried about a data breach and just over one-third said their trust was impacted when they experienced one. Indeed, nearly all English consumers (94 percent) said they took some action to protect their data following a breach, such as seeking legal help (27 percent), subscribing to an identity protection service (22 percent) or changing passwords (22 percent). Interestingly, despite the threat of breaches occurring, consumers have more confidence in their physicians or healthcare providers than in government or health technology companies.
To better understand consumer attitudes toward healthcare data, digital trust, roles and responsibilities, data sharing and breaches, Accenture conducted a survey across seven countries. This report focuses on results from consumers in England and on healthcare-specific cybersecurity and digital trust.
By examining digital trust and the impact of breaches, healthcare providers can better understand risks, the importance of building resilience and security capability and the need to respond proactively in the event of a breach.
DIGITAL HEALTHCARE DATAPersonal health information that is stored electronically, such as in electronic health records maintained by a person’s doctor or healthcare provider, wearable health devices, mobile apps or health insurance records.
DIGITAL TRUST The confidence placed in an organisation to collect, store and use the digital information of others in a manner that benefits and protects those to whom the information pertains.
Source: Accenture 2017 Consumer Survey on Healthcare Cybersecurity and Digital Trust
3
A significant majority of consumers (84 percent) trust their physicians or other healthcare providers to keep digital healthcare data secure. In fact, 30 percent have “a great deal” of trust in these entities. A high percentage of people trust the labs that process their medical tests (80 percent), the hospitals they visit (79 percent), their pharmacy (77 percent) and IT support for their physician’s office (74 percent). Far fewer trust the government (59 percent) or the tech companies (42 percent) that develop the wearables and health apps that they use (Figure 1).
English consumers set limits on who they trust to keep healthcare data secure
Not at all Not vey much Somewhat A great deal
My physician(s) or other healthcare providers
My pharmacy
Hospitals I visit
Urgent care or walk-in retail clinics I visit
IT support for my physician’s o�ice or other medical site
Non-medical sta� at my physician’s or healthcare provider’s o�ice
Tech companies (i.e., for wearables/ health apps I use)
Government
Labs that process my medical tests
84%
3%
4%
4%
4%
5%
6%
9%
13%
16%
13%
16%
17%
19%
21%
25%
31%
28%
42%
54%
56%
52%
58%
58%
52%
51%
47%
37%
30%
24%
27%
19%
16%
17%
10%
12%
5%
80%
79%
77%
74%
69%
61%
59%
42%
+
FIGURE 1. Healthcare consumers have varying degrees of trust in healthcare providers.
MOST TRUSTED
LEAST TRUSTED
42%
84%84++F100+F42++F100+F
My physician(s) or other healthcare providers
Tech companies for wearables or health apps
Source: Accenture 2017 Consumer Survey on Healthcare Cybersecurity and Digital Trust
4
Very confident Somewhat confidentNot very confidentNot at all confident
Provider
Health app/device company
5%
13%
25%
41%
58%
40%
11%
5%
English consumers have confidence in traditional healthcare relationshipsSlightly more than two-thirds of English consumers (69 percent) have at least some confidence in the digital data security measures their providers are taking, yet just 11 percent identify themselves as very confident. By comparison, less than half (46 percent) are confident in the security measures that health app and device companies have taken to protect privacy and secure health data— only 5 percent being very confident in these companies (Figure 2).
FIGURE 2. English consumers have greater confidence in the security measures taken by healthcare providers than in those by app/device companies.
Source: Accenture 2017 Consumer Survey on Healthcare Cybersecurity and Digital Trust
5
Despite English consumers’ trust, healthcare data is being stolenWhile just 13 percent of English consumers has experienced a breach of their digital healthcare data, more than half of these (56 percent) were victims of medical identity theft. Of those, most often the stolen identity was used to fraudulently fill prescriptions (42 percent). Stolen IDs were also used for other fraudulent activities that include receiving medical care, billing for care and purchasing items (Figure 3). Among those who experienced identity theft, most consumers report the incident cost them an estimated £172, on average, per incident.
15%
Purchase items
25%
Fraudulently bill for care
35%
Fraudulently receive medical
care
42%
Fraudulently fill prescriptions
24%
Access or modify health
records
FIGURE 3. English victims of medical identity theft report stolen IDs were used for fraudulent activities.
Source: Accenture 2017 Consumer Survey on Healthcare Cybersecurity and Digital Trust
6
35%
Government 11%
Employer
A tech/app company
Laboratory 12%
14%Retail clinic
Urgent care clinic 21%
Physician's o�ice 19%
Pharmacy
Hospital 29%
11%
11%
Among those English consumers who experienced a breach, just over one-third (35 percent) said it occurred in a pharmacy—the fourth most trusted entity to keep data secure. This breach location was well ahead of other places such as a hospital (29 percent), an urgent care clinic (21 percent) and a physician’s office (19 percent). The lowest percentage of breaches occurred at an employer, government entity or a tech/app company (all at 11 percent)—despite the fact that consumers trust the government (59 percent) and tech companies (42 percent) the least to keep digital healthcare data secure (Figure 4).
FIGURE 4. Digital healthcare data breaches are occurring across a variety of locations.
Breaches may not happen where English consumers expect them
LOWEST PERCENTAGE OF BREACHES OCCURRED 6++F100+FHIGHEST PERCENTAGE OF BREACHES OCCURRED
11%
35%36++F100+F Pharmacy
Employer, Government, Tech/app company
Source: Accenture 2017 Consumer Survey on Healthcare Cybersecurity and Digital Trust
7
Who is finding the breach?Of those English consumers who experienced a breach, more than one-third (36 percent) found out about it themselves. About three in ten (31 percent) were proactively notified and 34 percent learned about the breach passively (Figure 5).
What are healthcare data thieves taking?Among those English consumers who experienced a breach, 39 percent had their personal information stolen. Just over one-quarter (25 percent) of English consumers had health insurance ID numbers compromised and 20 percent had electronic medical records stolen. Medical record numbers and data from health/medical condition tracking apps were the data least frequently compromised in a breach (both registering 16 percent of data breaches).
LEARNED ABOUT IT PASSIVELY
SOME OTHER WAY
Noticed error in health records, credit card statement, credit report, Explanation of Benefits
Received a notice from provider; government entity informed me
Heard about it in the news; received collection letter for services not received
FIGURE 5. Most often, healthcare consumers noticed errors themselves.
18%
ERROR NOTICED BY RESPONDENT36%
31% NOTIFIED PROACTIVELY BY ENTITY/GOVERNMENT
34%
8
Source: Accenture 2017 Consumer Survey on Healthcare Cybersecurity and Digital Trust
FIGURE 6. English consumers react to data breaches in various ways.
94% of English consumers took steps in response to a breach
27% 22% 22% 19% 18% 14% 13% 13%Got legal
helpChanged
passwords or other credentials
Subscribed to identity protection
service
Involved the police
Added security software to my
computer
Reported it to the organisation holding my data
Other
6%
None of these
CHANGED HEALTHCARE PROVIDERS
In response to the breach of their healthcare data, English consumers were the largest majority (94 percent) from our seven-country sample to take action to protect their data. They took personal responsibility for changing passwords or other credentials (22 percent); subscribing to an identity protection service (22 percent) or adding security software to their own computers (19 percent).
Some consumers took action against their providers. While 13 percent of those experiencing a breach changed healthcare providers, others relied on the security of the law, with 27 percent seeking legal help and 18 percent involving the police (Figure 6).
More consumers in England than in other countries respond to breaches
9
10%
Much more
29%
About as much as before
26%
A little less
9%
Much less
Healthcare data breaches can harm digital trustFIGURE 7. After a breach, consumers report how it impacted their trust in the organisation.
26%
A little more
In response to a data breach, nearly all (95 percent) English consumers reported that the company holding their data took some action. 68 percent felt the breach was handled “very well” or “somewhat well.”
Interestingly, following a breach, 36 percent of consumers gained more trust in the organisation, 29 percent reported no change in their trust and a worrying 35 percent lost trust (Figure 7).
Source: Accenture 2017 Consumer Survey on Healthcare Cybersecurity and Digital Trust
10+26+29+26+9
10
Improving cybersecurity is the first step in building digital trustBreaches are inevitable. Healthcare providers can try to protect against them and they should establish digital trust with consumers early on to build a foundation that helps consumers to weather the storm of a breach.
Now is the time for healthcare providers and other organisations to strengthen cybersecurity capabilities, improve their defences, build resilience and better manage breaches. Most importantly, they can give consumers the confidence that their data is in trusted hands.
KEY ACTIONS TO BETTER SERVE ENGLISH CONSUMERS: IMPROVE RESPONSE CAPABILITIES
Along with improving detection, handle breaches quickly and efficiently, in a way that limits damage.
VALIDATE DOWNTIME PROCEDURES
Strive to reduce recovery time to minimise impact on patient care and business operations.
SHARE THREAT INFORMATION
Act on learnings and share them with others. Communicate to consumers the actions you have taken.
RE-BOOT YOUR APPROACH
Embrace an end-to-end cyber defence that recognises a spectrum of threats, minimises exposure, and identifies and protects high-priority assets.
MANAGE YOUR RISKS
Make targeted cybersecurity investments that will deliver measurable returns and help you build digital trust with healthcare consumers who are increasingly security-aware.
Source: Accenture 2017 Consumer Survey on Healthcare Cybersecurity and Digital Trust
Copyright © 2017 Accenture All rights reserved.
Accenture, its logo, and High Performance Delivered are trademarks of Accenture.
For more information
Aimie Chapple [email protected]
@aimiechapple
Dan West [email protected]
@WestDan_
Follow us on Twitter
@AccentureHealth
Accenture Health
Accenture 2017 Consumer Survey on Healthcare Cybersecurity and Digital Trust
Accenture commissioned a seven-country survey of 7,580 consumers aged 18+ to assess their attitudes toward healthcare data, digital trust, roles and responsibilities, data sharing and breaches. The online survey included consumers across seven countries: Australia (1,000), Brazil (1,000), England (1,000), Norway (800), Saudi Arabia (850), Singapore (930) and the United States (2,000). The survey was conducted by Nielsen on behalf of Accenture between November 2016 and January 2017. The analysis provided comparisons by country, sector, age and use.
About Accenture Insight Driven Health
Insight driven health is the foundation of more effective, efficient and affordable healthcare. That’s why the world’s leading healthcare providers and health plans choose Accenture for a wide range of insight driven health services that help them use knowledge in new ways—from the back office to the doctor’s office. Our committed professionals combine real-world experience, business and clinical insights and innovative technologies to deliver the power of insight driven health. For more information, visit: www.accenture.com/insightdrivenhealth.
About Accenture
Accenture is a leading global professional services company, providing a broad range of services and solutions in strategy, consulting, digital, technology and operations. Combining unmatched experience and specialized skills across more than 40 industries and all business functions – underpinned by the world’s largest delivery network – Accenture works at the intersection of business and technology to help clients improve their performance and create sustainable value for their stakeholders. With approximately 401,000 people serving clients in more than 120 countries, Accenture drives innovation to improve the way the world works and lives. Visit us at www.accenture.com.