Members of a US healthcare purchasing alliance are now able to take out insurance to cover the financial costs of data breaches. 

The move comes in the wake of a growing number of US hospitals facing hefty bills after they expereinced data breaches, either through external attack or internal failures. 

With the cost of litigation, fixing breaches and taking corrective action it is estimated that each data breach in the US healthcare system costs on average nearly $200 per record and $6.3m per incident. The figures come from a recent study by Kroll Fraud Solutions published by The Healthcare Information and Management Systems Society (HIMSS).

Faced with these kinds of risks and potential costs, one alliance of healthcare purchasers in San Diego has started offering organisations the chance to sign up to insurance to protect them against the expenses related to data breaches.

Premier Insurance Management Services, a unit of the San Diego-based Premier Inc. is now offering members of the alliance the chance to sign up for “data privacy and network risk liability” insurance in partnership with Media/Professional Insurance, Kansas City.

The insurance is said to cover such expenses as crisis management, public relations and customer notification. According to Health Data Management the insurance also covers expenses, fines and penalties arising from government and regulatory agency investigations into the handling of personal data.

A recent study on the security of US healthcare organisations found that only 56% of breached organizations surveyed notified the patients involved.