Hospitals Incur 64% Higher Advertising Costs After a Healthcare Data Breach

A new study has investigated how advertising expenditures are affected by healthcare data breaches. The results of the study indicate hospitals increase their advertising spending in the two years after experiencing a breach of protected health information.

The study was conducted by Sung J. Choi, PhD and M. Eric Johnson, PhD., and their findings were published in the American Journal of Managed Care.

The researchers observed that breached hospitals were mostly large or teaching hospitals with an average of 566 beds. They were mostly ,located in urban locations that were served by several healthcare providers. Hospitals that had not experienced a breach of PHI spent £238,000 on average on advertising every year, whereas hospitals that suffered a data breach spent $817,205 on average on advertising in the year following a breach. That is almost three times the advertising expenditure as the control group. An average of $1.75 million was spent on advertising in the two years following a breach. Breached hospitals increased their advertising expending by 64% on average in the year subsequent to a data breach and advertising expenditures were 79% higher in the two years subsequent to a data breach.

The researchers consider the increase in advertising spending to be an attempt to restore hospitals’ reputations and to help reduce the number of patients lost to competitors. The researchers noted that data for the study came from 2011-2014 before ransomware attacks on hospitals became commonplace. Advertising expenditures may be even higher following these types of data breaches due to the major disruption and damage to reputations that they can cause.

Patient loss following a data breach is a very real possibility. A study by the Ponemon Institute study showed healthcare companies have the highest churn rate of any industry following a breach (6.7%), compared to the financial sector’s 6.1%, the services sector’s 5.2%, the energy sector’s 3.0% and the education sector’s 2.7%.

About Liam Johnson
Liam Johnson has produced articles about HIPAA for several years. He has extensive experience in healthcare privacy and security. With a deep understanding of the complex legal and regulatory landscape surrounding patient data protection, Liam has dedicated his career to helping organizations navigate the intricacies of HIPAA compliance. Liam focusses on the challenges faced by healthcare providers, insurance companies, and business associates in complying with HIPAA regulations. Liam has been published in leading healthcare publications, including The HIPAA Journal. Liam was appointed Editor-in-Chief of The HIPAA Guide in 2023. Contact Liam via LinkedIn: