AJMC Study: Following a Data Breach Hospitals’ Advertising Expenditure Rises 64%

In a recent study published in the American Journal of Managed Care Sung J. Choi, PhD and M. Eric Johnson, PhD looked into how advertising expenditures at hospitals changed in the aftermath of a data breach.

The study, showed that hospitals invest an average o f64% more on advertising spending in the year after a data breach. Advertising expenditures were discovered 79% higher over the two-year period after a data breach.

The authors of the study reported that that breached hospitals were, in most cases, large or teaching hospitals located in urban settings. Hospitals that suffered data breaches had an average of 566 beds and were normally located in areas near other hospitals and, consequently, high competition for patients.

Hospitals in the researched group that had not suffered a data breach spent an average of £238,000 on advertising annually, whereas hospitals that experienced data breaches spent an average of $817,205 on advertising in the year after a data breach – around three times as much as the control group. An average of $1.75 million was invested in advertising in the two years following a breach.

The researchers proposed that this increase in investment in advertising is due to efforts to minimize patient loss to competitors and to help repair hospitals’ damaged reputation after a data breach takes place.

Additionally the authors of the report deduced from the data included in the the study that came from 2011-2014 before ransomware attacks on hospitals became commonplace. As these these types of data breaches disrupt medical services provided by hospitals, advertising spending may be even higher in the aftermath of these breaches.


The researchers wrote that: “Advertising and the efforts to fix the damages from a data breach increase healthcare costs and may divert resources and attention away from initiatives to improve care quality. Advertising costs subsequent to a breach are another cost to the healthcare system that could be avoided with better data security.”

Author: Maria Perez