In case you need another reason to avoid the hospital, here it is: Data about you and your treatment might not be adequately protected, and your privacy could be at risk. According to a research report conducted by Ponemon Institute (a privacy and information management research firm) and sponsored by ID Experts (a security products provider), many healthcare facilities are not adequately protecting patient data. In addition, the healthcare industry is lagging in implementing the standards set by the HITECH Act of 2009, which widen the scope of privacy and security protections under HIPAA to provide strong safeguards for patient data. And the insufficient security is proving costly to the healthcare industry, as hospitals are collectively losing an estimated $6 billion a year due to data breaches, according to the study. Because many breaches go undetected, the losses might be considerably higher than that, according to Ponemon. The research shows that protecting patient data is a low priority for hospitals, and many healthcare organizations have little confidence in their ability to secure patient records. This puts individuals at great risk for medical identity theft, financial theft and embarrassment of exposure of private information, the report says.