Healthcare remained the most expensive industry for data breaches in 2025 for the 14th consecutive year, according to the American Hospital Association’s 2026 Environmental Scan.
The average cost of a healthcare breach in the U.S. was $9.8 million in 2025, outpacing all other sectors. Although this was down from $10.9 million in 2023, it still far exceeded the global industry average, the report found. Healthcare breaches also took the longest to identify and contain — an average of 279 days, about five weeks longer than in other industries.
The report attributed the high costs and lengthy containment periods to gaps in governance and oversight, especially regarding artificial intelligence. It found that 97% of AI-related security breaches occurred in systems lacking appropriate access controls. Most affected organizations had no internal policies to regulate the use of shadow AI — artificial intelligence tools adopted without formal approval or oversight.
The post Hospitals face highest data breach costs: AHA report appeared first on Becker’s Hospital Review | Healthcare News & Analysis.
Health IT
