Hospitals with breaches spend more on ads to mitigate damage

Hospitals that have experienced a data breach often boost their advertising budget as part of the effort to regain the trust of patients.


Hospitals that have experienced a data breach often boost their advertising budget as part of the effort to regain the trust of patients.

The increased costs of marketing is often tied to efforts to keep patients from going to other provider organizations, according to recent published research.

Sung Choi, an assistant professor of health administration at Penn State University, and Eric Johnson, a professor of strategy at the Owen Graduate School of Medicine at Vanderbilt University, found a link between a breach and outreach to the community.

“Breached hospitals were associated with significantly higher advertising expenditures in the two years after the breach,” they note in a paper published in the American Journal of Managed Care. “Efforts to repair the hospital’s image and minimize patient loss to competitors are potential drivers of the increased spending.”



In the study, the number of hospitals in the breached group was 75 and the number of hospitals in the control group was 3,421. The breached hospitals spend nearly three times more on advertising—approximately $688,000 vs. $238,000 for annual spending, and $1,713,000 vs. $551,000 over two years.

Breached hospitals also were more likely to be larger in bed size, more likely to be teaching hospitals and located in counties with significantly more hospitals and Medicare enrollees, suggesting that they were in more competitive areas, according to Choi and Johnson.

Overall, hospital data breaches were associated with a 64 percent increase in annual hospital advertising expenditures relative to control hospitals, independent of observed hospitals and area characteristics such as bed size, revenue and number of hospitals in the county.

Advertising costs after a breach are another cost to the healthcare system that could be avoided with better security, Choi and Johnson contend.

They used data from the Department of Health and Human Services data breach website that lists breaches affecting 500 or more individuals, and the Privacy Rights Clearinghouse also provided information on reported healthcare data breaches.

Also See: 600,000 affected by huge data breach in Michigan

Breach mitigation includes an investigation by HHS that could take a year, along with a substantial financial settlement that could total hundreds of thousands of dollars. Further, Choi and Johnson point out that estimates from other studies show that the median cost of a breach can hit $200,000, and they note a Ponemon study showing the industry spends an average of $402 per stolen patient record.

Other researchers have found that breaches are associated with fewer outpatient visits and admissions in the long run, and that’s why advertising becomes so important, Choi and Johnson contend.

The researchers note that findings of the study were limited to breaches affecting more than 500 individuals, which the HHS Office for Civil Rights considers to be large breach that must be publicly reported and published in the HHS breach database.

Consequently, hospitals with smaller breaches not subject to public reporting are less likely to draw attention or feel motivation to increase advertising. The bottom line, however, is that advertising and work to fix the breach increase costs and could divert resources and attention away from initiatives such as improved care quality, Choi and Johnson conclude.

More for you

Loading data for hdm_tax_topic #better-outcomes...