Study Reveals Relationship Between Data Breaches and Hospital Advertising Expenditure Increases

A study has been published which investigated how data breaches affect hospital advertising expenditure decisions.

The study, entitled “Understanding the Relationship Between Data Breaches and Hospital Advertising Expenditures” was published by Sung J. Choi, PhD and M. Eric Johnson, PhD in the American Journal of Managed Care. The study was conducted by analysing hospital expenditures using a propensity score-matched regression. The study looked at a range of data breaches, including theft, loss, unauthorised access/disclosure, improper disposal, and hacking. Media outlets were used to obtain advertising expenditure.

The primary findings of the study showed that a hospital data breach was associated with a 64% increase in annual advertising expenditures. Advertising expenditures were found to be 79% higher over the two-year period following a data breach. The researchers suggested that “Advertising and the efforts to fix the damages from a data breach increase healthcare costs and may divert resources and attention away from initiatives to improve care quality, and “Advertising costs subsequent to a breach are another cost to the healthcare system that could be avoided with better data security.”

The researchers hospitals that experienced a data security incident were frequently large or teaching hospitals located in urban settings. Hospitals that experienced data breaches had an average of 566 beds and were typically located in areas where there were other hospitals and, consequently, high competition for patients. Therefore, the repetitional damage of a data breach would have severe and direct impacts on their patient intake.

Hospitals in the control group that had not experienced a data breach spent an average of £238,000 on advertising each year, whereas hospitals that experienced data breaches spent nearly three times that sum, with an average of $817,205. An average of $1.75 million was spend on advertising in the two years following a breach.

The researchers note that the data from the study came from 2011-2014 before ransomware attacks on hospitals became common. As these attacks are becoming increasingly common, it is likely that hospitals will continue to spend more of their budget on advertising in the coming years.

About Christine Garcia 1297 Articles
Christine Garcia is the staff writer on Calculated HIPAA. Christine has several years experience in writing about healthcare sector issues with a focus on the compliance and cybersecurity issues. Christine has developed in-depth knowledge of HIPAA regulations. You can contact Christine at [email protected]. You can follow Christine on Twitter at