Hospitals Face Increased Risk of Data Breaches
|
By HospiMedica International staff writers Posted on 26 Apr 2017 |
A new study suggests that as health providers adopt health information technology, they increasingly suffer from data breaches.
Researchers at Michigan State University, Ball State University, and Johns Hopkins University conducted a retrospective data analysis of data breaches reported to the U.S. Department of Health and Human Services between October 2009 and December 2016. By law, U.S. hospitals covered by the Health Insurance Portability and Accountability Act (HIPPA), must notify the HHS of any breach affecting 500 or more individuals within 60 days of the discovery of the breach.
The results revealed that during the study period, healthcare providers reported 1,225 of the 1,798 recorded breaches, while business associates, health plans, and healthcare clearinghouses reported the remaining 573 data breaches. Of these, 257 breaches were reported by 216 hospitals; importantly, 33 hospitals experienced more than one breach, many of them large, major teaching hospitals, such as UC Davis Medical Center (CA, USA) and Henry Ford Hospital (Detroit, MI, USA). The study was published on April 3, 2017, in JAMA Internal Medicine.
“This research reinforces the critical trade-off patient’s face: healthcare systems having access to information they need, versus a hacker planning to spend your savings at Best Buy,” said lead author Xuefeng Jiang, PhD, of MSU, and colleagues. “While the law requires health care professionals and systems to cross-share patient data, the more people who can access data, the less secure it is.”
A data breach is defined as a security incident in which sensitive, protected, or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so. Data breaches may involve financial information such as credit card or bank details, personal health information, personally identifiable information, trade secrets of corporations, or intellectual property.
Researchers at Michigan State University, Ball State University, and Johns Hopkins University conducted a retrospective data analysis of data breaches reported to the U.S. Department of Health and Human Services between October 2009 and December 2016. By law, U.S. hospitals covered by the Health Insurance Portability and Accountability Act (HIPPA), must notify the HHS of any breach affecting 500 or more individuals within 60 days of the discovery of the breach.
The results revealed that during the study period, healthcare providers reported 1,225 of the 1,798 recorded breaches, while business associates, health plans, and healthcare clearinghouses reported the remaining 573 data breaches. Of these, 257 breaches were reported by 216 hospitals; importantly, 33 hospitals experienced more than one breach, many of them large, major teaching hospitals, such as UC Davis Medical Center (CA, USA) and Henry Ford Hospital (Detroit, MI, USA). The study was published on April 3, 2017, in JAMA Internal Medicine.
“This research reinforces the critical trade-off patient’s face: healthcare systems having access to information they need, versus a hacker planning to spend your savings at Best Buy,” said lead author Xuefeng Jiang, PhD, of MSU, and colleagues. “While the law requires health care professionals and systems to cross-share patient data, the more people who can access data, the less secure it is.”
A data breach is defined as a security incident in which sensitive, protected, or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so. Data breaches may involve financial information such as credit card or bank details, personal health information, personally identifiable information, trade secrets of corporations, or intellectual property.
Latest Health IT News
- Digital Heart Model Supports Targeted Ablation in Atrial Fibrillation
- AI Framework Helps Clinicians Create Trustworthy Risk Prediction Tools
- AI Tool Screens for Primary Aldosteronism Using Routine EHR Data
- AI-Enabled ECG Software Predicts One-Year Atrial Fibrillation Risk
- AI-Native EHR Achieves EU Medical Device Certification
- EHR-Integrated Screening Workflow Detects Cognitive Impairment at Admission
- AI System Detects and Quantifies Chronic Subdural Hematoma
- Continuous Monitoring Platform Detects Infection Risk Across Care Transitions
- Automated System Classifies and Tracks Cardiogenic Shock Across Hospital Settings
- Voice-Driven AI System Enables Structured GI Procedure Documentation
- EMR-Based Tool Predicts Graft Failure After Kidney Transplant
Channels
Artificial Intelligence
view channel
AI Tool Predicts Chronic Kidney Disease Risk in Diabetes
Chronic kidney disease is a common and serious complication of type 2 diabetes and often progresses without obvious early symptoms, increasing morbidity and straining health systems. Many risk models were... Read more
AI Trends Report Guides Responsible, Effective Healthcare Deployment
Hospitals are under growing pressure to adopt artificial intelligence tools that improve safety, efficiency, and continuity of care without compromising quality. At the same time, clinicians need clearer... Read moreCritical Care
view channel
Home Exercise Program Advances Recovery After Aortic Dissection
Aortic dissection is a life-threatening tear in the aortic wall that can compromise blood flow to vital organs. Survivors are often advised to restrict physical activity because of concerns about blood... Read more
Noninvasive Silk Sensor Could Transform Care for Premature Infants
Monitoring premature infants often relies on multiple wired sensors and repeated blood draws to track glucose and electrolytes, which can irritate fragile skin and disrupt care. Trend information between... Read moreSurgical Techniques
view channel
AI-Designed Microneedle Patch Accelerates Diabetic Wound Healing
Chronic diabetic wounds are slow to heal and prone to infection, often leading to repeated procedures and prolonged care. Standard closure methods bring wound edges together but do not adapt to changing... Read more
Focused Ultrasound System Gains CE Mark for Liver Tumor Treatment
Liver tumors remain a major global health challenge, and many patients are not candidates for resection or conventional thermal ablation. Tumor location, underlying liver disease, and other clinical factors... Read morePatient Care
view channel
AI Avatar Doctor Improves Patient Understanding Before Radiotherapy
Radiation oncology consultations require patients to grasp complex concepts quickly, yet anxiety and information overload often undermine understanding and informed consent. Poor comprehension can also... Read more
Wearable Sleep Data Predict Adherence to Pulmonary Rehabilitation
Chronic obstructive pulmonary disease (COPD) is a long-term lung disorder that makes breathing difficult and often disturbs sleep, reducing energy for daily activities. Limited engagement in pulmonary... Read morePoint of Care
view channel
New Brain Ultrasound Platform Enables Bedside Postoperative Imaging
Transporting postoperative patients for CT or MRI can create operational burdens, delays, and disruptions in care. Bedside visualization may help reduce transport demands, lower radiation exposure, and... Read more
Handheld Ultrasound Expands Point-of-Care Imaging Access in Brazil
Rapid access to diagnostic imaging is essential across hospitals, emergency departments, clinics, and municipal health systems, but large markets still face uneven availability, particularly in rural regions.... Read moreBusiness
view channel







