SynGuard Data Breach Statistics

SynGuard™ Claims Scenarios
Download PDF File

Patient Records

  • According to the Ponemon Institute, The average number of lost or stolen records per breach was 1,769. ponemon institute
  • In 2009, over 12 million patient records were exposed as a result of healthcare breaches
  • Providers without privacy breach monitoring are likely to have at least 25 to 100 privacy breaches per month
  • 59% of employees leaving their job steal information
  • In a Harris Poll taken of over 1,000 patients, 91% of patients say they would not return to a practice if their personal information was involved in a data breach


  • Sanctions and penalties resulting from healthcare breaches can reach up to $50,000 per violation
  • Breaches cost U.S. hospitals nearly $6 billion a year
  • Under the recently enacted HITECH Act, negligent compliance practices can result in fines up to $1.5 million per incident, and state Attorneys’ General now have the authority to prosecute organizations that experience breaches
  • For a hospital, the average lifetime value of one lost patient is $107,580
  • The economic impact of data breach incidents over a two-year period is approximately $2 million per organization


  • Major factors causing data breaches are unintentional employee action, lost or stolen computing devices and third-party error, the firm stated
  • The top three causes of a data breach are: unintentional employee action, lost or stolen computing devices and third-party snafu
  • 77% of data breaches occur from use of portable media such as laptops or removable storage devices. An organization pays on average $3.85 million when removable media or a laptop is lost, stolen or compromised

Detecting & Resolving

  • Forty-one percent discovered the data breach as a result of a patient complaint
  • More than half (58 percent) of organizations have little or no confidence that their organization has the ability to detect all patient data loss or theft
  • Sixty-three percent of organizations say it took them between one to six months to resolve the incident