Patients are more likely to keep coming back to a hospital or health system following a data breach if they are promptly notified of the incident, according to a study by credit reporting agency Experian and cited by the HIPAA Journal.
The study surveyed 1,000 adults in the U.S. to determine customer churn rates following data breaches. HIPAA requires hospitals to notified affected patients no later than 60 days from discovery. However, patients want communication much sooner.
According to the survey, 73 percent of patients expect to be alerted of a security incident within 24 hours of the breach being discovered. If notified early, patients tend to be more forgiving. Around 90 percent said they would have lenience if they knew that the organization had a plan in place for communicating with patients.
Not all hospitals, health systems and healthcare organizations have communication plans in place. In another Experian study, 34 percent of organizations said their data breach response plan doesn't include customer notification.
To read more, click here.