1.212.642.4980     info@ansi.org    8:30am – 6pm EST, Monday – Friday
ANSI Standards Store

Browse ISO Standards
Browse IEC Standards

View all Publishers





View All Standards Packages



Search tips Search tips

The Financial Impact of Breached Protected Health Information

The Financial Impact of Breached Protected Health Information
Business Case for Enhanced PHI Security

Published by the American National Standards Institute (ANSI),
via its Identity Theft Prevention and Identity Management
Standards Panel (IDSP), in partnership with The Santa Fe
Group/Shared Assessments Program Healthcare Working
Group, and the Internet Security Alliance (ISA)

 Download your free copy

* Registration is required for new users

The Financial Impact of Breached Protected Health Information: A Business Case for Enhanced PHI Security
explores the reputational, financial, legal, operational, and clinical repercussions of a protected health information (PHI) breach on an organization, and provides a 5-step method – PHI Value Estimator (PHIve)- to assess specific security risks and build a business case for enhanced PHI security. This tool estimates the overall potential costs of a data breach to an organization, and provides a methodology for determining an appropriate level of investment needed to strengthen privacy and security programs and reduce the probability of a breach.  A detailed example of costing a PHI breach using the PHIve method is provided.

The Financial Impact of Breached Protected Health Information: A Business Case for Enhanced PHI Security
also offers information about:

  • the stakeholders involved in the health care ecosystem;
  • the evolution of laws, rules and regulations designed to protect PHI;
  • the causes and increasing number of data breaches;
  • the most common threats and vulnerabilities to the security of PHI;
  • safeguards and controls that organizations can put in place to mitigate the risk of a breach; and
  • current industry practices and attitudes for protecting PHI, based on a survey.

The Financial Impact of Breached Protected Health Information: A Business Case for Enhanced PHI Security
report is supplemented by a number of online appendices, hyperlinked to the report, which contain research notes from the various project subcommittees.

Appendices


 Replacement Pages

Persons holding printed versions of The Financial Impact of Breached Protected Health Information: A Business Case for Enhanced PHI Security are invited to download these replacement pages, which are corrections to the breach costing spreadsheets on pages 55-58 of the report.


Webinar Recording

A recording of the March 21, 2012 webinar providing an overview of The Financial Impact of Breached Protected Health Information: A Business Case for Enhanced PHI Security is available at this location. You will need Windows Media Player 9 or higher to view the presentation.

Copies of the slides can be accessed here.



ANSI Shared AssessmentsInternet Security Alliance