• Politics
  • Diversity, equity and inclusion
  • Financial Decision Making
  • Telehealth
  • Patient Experience
  • Leadership
  • Point of Care Tools
  • Product Solutions
  • Management
  • Technology
  • Healthcare Transformation
  • Data + Technology
  • Safer Hospitals
  • Business
  • Providers in Practice
  • Mergers and Acquisitions
  • AI & Data Analytics
  • Cybersecurity
  • Interoperability & EHRs
  • Medical Devices
  • Pop Health Tech
  • Precision Medicine
  • Virtual Care
  • Health equity

5 Steps to Prepare for Communication Challenges After a Data Breach

Article

Healthcare is a major hacking target. Get ready before things get messy.

data breach communication,data breach media strategy,hipaa violation communication,hca news

Data breaches are stinging organizations in all sectors of the healthcare industry. According to IBM, the average cost of a data breach is $3.86 million, and the financial stakes for healthcare are even higher. The average cost of each lost or stolen record is about $408, which is twice as much as in the financial industry.

>> READ: 5 Data Breaches That Show How Cybersecurity Must Evolve

The financial burdens are not the only challenges that arise from a data breach. Company branding, especially for healthcare organizations, relies on trust. It’s important for companies to be prepared for communication challenges in the face of a crisis. I’ve outlined five steps healthcare companies need to follow in the wake of a data breach.

1. Map Out a Data Breach Plan

A faulty response to a crisis is oftentimes irreversibly damaging for a healthcare organization, which is why creating a communications plan that considers all potential risks is critical.

Not all breaches will be the same, so it is important to consider multiple scenarios. Identify the potential for risk in your organization and imagine the worst-case scenario. Next, identify your stakeholders. Who will be affected by this breach? What are the financial, emotional and overall business effects of the breach? Finally, how are we going to rectify the situation?

Sketch out the scenarios and action plans to prepare your team for swift and consistent action.

2. Transparency Is Essential

A crisis is not a time of concealment — it’s important to be open with your customers, patients and investors. Explaining the who, what, when, where and why is necessary to preserve patient and customer trust, while simultaneously respecting patient privacy and other regulatory matters. Ensure that your risk assessment and legal teams are involved in the drafting and approval of any statement. You want to make it right, but you also need to protect your company’s rights.

With the rise of data breaches, consumers expect some information immediately. Healthcare communications teams need to create a comprehensive statement that coveys what happened and when, who it affects and the action plan in place to address the issue. If you don’t have a complete view of the situation when the news is breaking, share the details you have and notify them of timing for more information.

3. Communicate on All Channels

With any communications plan, it’s important to cover all of your corporate communication channels with a clear, consistent message. The official statement should appear on your website in the form of a homepage announcement or a blog. Use your email distributions lists to inform your stakeholders about the breach and next steps. Create social media posts that link to your official statement on all relevant platforms. Depending on the impact of the breach, a press release can also be beneficial.

Equally as important are the internal communication pieces — your organization needs to communicate the situation to your internal employees, board members and investors. A good way to start is with a series of email communications from the executive level with corresponding small groups or one-on-one meetings with managers. Managers will need talking points and coaching on how to answer difficult questions.

4. Make It Right

With over 2 billion breaches occurring in 2017, consumers expect more than an apology. Healthcare data breaches are particularly sensitive.

Communicate what steps your organization is taking to fix the situation and how you are improving security systems. Institute a hotline, email address or dedicated support team to answer questions from affected customers.

5. Find a Partner

Since the stakes are so high in a healthcare data breach, I recommend finding an experienced public relations partner to help handle the moving parts. A strategic PR partner will assist with tasks such as effective press release writing, media training, interview prep, social media content creation, and the list goes on and on. A data breach is not the time to short change your communication strategies.

A PR partner also brings an outside perspective to the mix. With the benefit of experience, PR professionals can plan for the long-term communication challenges in the aftermath of a data breach. Time does not stop for a data breach and neither should the commitment to your brand. The right partner can help plan for the future and create new strategies for your brand to succeed post-breach.

By planning for a crisis appropriately, you not only set your organization up for a quick recovery but also set a precedent of trust and respect for your end users — even when the worst happens.

Kristen Broyles is an experienced social media marketer with a penchant for B2B tech and healthcare clients. She brings a passion for storytelling to building audiences and engagement in under 280 characters.

Get the best insights in healthcare analytics directly to your inbox.

Related

Judge Upholds $4.3M Data Breach Fine Against MD Anderson

What to Do Before and After a Data Breach

How Healthcare Organizations Can Protect Against Medical Identity Theft

Related Videos
Image: Ron Southwick, Chief Healthcare Executive
Related Content
Image: Ron Southwick, Chief Healthcare Executive

Change Healthcare cyberattack: Lawsuits emerge, and more are coming

April 5th 2024
Article

Several suits have already been filed and others are expected due to the ransomware attack that has affected hospitals and providers nationwide.

The rise of third party cyberattacks in healthcare | Data Book podcast

The rise of third party cyberattacks in healthcare | Data Book podcast

March 11th 2024
Podcast

Dan Dodson, the CEO of Fortified Health Security, talks about the risks to hospitals, AI in attacks and defense, and what health systems can do to protect themselves.

Image: Ron Southwick, Chief Healthcare Executive

Pennsylvania hospital group CEO talks about cyberattack, financial concerns, staffing, and more

April 4th 2024
Article

Nicole Stallings, CEO of the Hospital + Healthcare Association of Pennsylvania, spoke with Chief Healthcare Executive at the group’s leadership summit.

Hospitals face evolving threats from cyberattacks | Data Book podcast

Hospitals face evolving threats from cyberattacks | Data Book podcast

December 7th 2023
Podcast

Michael Hamilton, founder and chief information security officer of Critical Insight, talks about trends in attacks and emerging threats in the coming year.

Image credit: ©Jose Luis Stephens - stock.adobe.com

Change Healthcare cyberattack: Hospitals ask Congress to speed up payments

March 21st 2024
Article

Lawmakers should lift restrictions on the federal government to help providers get assistance more quickly, the American Hospital Association says.

Image: Ron Southwick, Chief Healthcare Executive

How cyberattacks are a threat to patient safety

March 20th 2024
Article

Health system leaders know the financial risks of cyberattacks, as shown by the Change Healthcare attack. Now, they are seeing cybersecurity is essential to protecting patients.

© 2024 MJH Life Sciences

All rights reserved.