Hospitals Face Increased Risk of Data Breaches
|
By HospiMedica International staff writers Posted on 26 Apr 2017 |
A new study suggests that as health providers adopt health information technology, they increasingly suffer from data breaches.
Researchers at Michigan State University, Ball State University, and Johns Hopkins University conducted a retrospective data analysis of data breaches reported to the U.S. Department of Health and Human Services between October 2009 and December 2016. By law, U.S. hospitals covered by the Health Insurance Portability and Accountability Act (HIPPA), must notify the HHS of any breach affecting 500 or more individuals within 60 days of the discovery of the breach.
The results revealed that during the study period, healthcare providers reported 1,225 of the 1,798 recorded breaches, while business associates, health plans, and healthcare clearinghouses reported the remaining 573 data breaches. Of these, 257 breaches were reported by 216 hospitals; importantly, 33 hospitals experienced more than one breach, many of them large, major teaching hospitals, such as UC Davis Medical Center (CA, USA) and Henry Ford Hospital (Detroit, MI, USA). The study was published on April 3, 2017, in JAMA Internal Medicine.
“This research reinforces the critical trade-off patient’s face: healthcare systems having access to information they need, versus a hacker planning to spend your savings at Best Buy,” said lead author Xuefeng Jiang, PhD, of MSU, and colleagues. “While the law requires health care professionals and systems to cross-share patient data, the more people who can access data, the less secure it is.”
A data breach is defined as a security incident in which sensitive, protected, or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so. Data breaches may involve financial information such as credit card or bank details, personal health information, personally identifiable information, trade secrets of corporations, or intellectual property.
Researchers at Michigan State University, Ball State University, and Johns Hopkins University conducted a retrospective data analysis of data breaches reported to the U.S. Department of Health and Human Services between October 2009 and December 2016. By law, U.S. hospitals covered by the Health Insurance Portability and Accountability Act (HIPPA), must notify the HHS of any breach affecting 500 or more individuals within 60 days of the discovery of the breach.
The results revealed that during the study period, healthcare providers reported 1,225 of the 1,798 recorded breaches, while business associates, health plans, and healthcare clearinghouses reported the remaining 573 data breaches. Of these, 257 breaches were reported by 216 hospitals; importantly, 33 hospitals experienced more than one breach, many of them large, major teaching hospitals, such as UC Davis Medical Center (CA, USA) and Henry Ford Hospital (Detroit, MI, USA). The study was published on April 3, 2017, in JAMA Internal Medicine.
“This research reinforces the critical trade-off patient’s face: healthcare systems having access to information they need, versus a hacker planning to spend your savings at Best Buy,” said lead author Xuefeng Jiang, PhD, of MSU, and colleagues. “While the law requires health care professionals and systems to cross-share patient data, the more people who can access data, the less secure it is.”
A data breach is defined as a security incident in which sensitive, protected, or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so. Data breaches may involve financial information such as credit card or bank details, personal health information, personally identifiable information, trade secrets of corporations, or intellectual property.
Latest Health IT News
- Digital Heart Model Supports Targeted Ablation in Atrial Fibrillation
- AI Framework Helps Clinicians Create Trustworthy Risk Prediction Tools
- AI Tool Screens for Primary Aldosteronism Using Routine EHR Data
- AI-Enabled ECG Software Predicts One-Year Atrial Fibrillation Risk
- AI-Native EHR Achieves EU Medical Device Certification
- EHR-Integrated Screening Workflow Detects Cognitive Impairment at Admission
- AI System Detects and Quantifies Chronic Subdural Hematoma
- Continuous Monitoring Platform Detects Infection Risk Across Care Transitions
- Automated System Classifies and Tracks Cardiogenic Shock Across Hospital Settings
- Voice-Driven AI System Enables Structured GI Procedure Documentation
- EMR-Based Tool Predicts Graft Failure After Kidney Transplant
Channels
Artificial Intelligence
view channel
AI Tool Predicts Chronic Kidney Disease Risk in Diabetes
Chronic kidney disease is a common and serious complication of type 2 diabetes and often progresses without obvious early symptoms, increasing morbidity and straining health systems. Many risk models were... Read more
AI Trends Report Guides Responsible, Effective Healthcare Deployment
Hospitals are under growing pressure to adopt artificial intelligence tools that improve safety, efficiency, and continuity of care without compromising quality. At the same time, clinicians need clearer... Read moreCritical Care
view channel
FDA Breakthrough Device Targets Brain Hemorrhage Complications
Subarachnoid hemorrhage, bleeding into the space around the brain most often caused by a ruptured aneurysm, frequently leads to cerebral vasospasm during intensive care. This secondary narrowing of blood... Read more
ECG-Based Screening Framework Aims to Standardize Cardiac Evaluation in Military Personnel
Sudden cardiac death, the unexpected loss of heart function, can occur during intense exertion and remains a concern in physically demanding occupations. Military personnel face additional environmental... Read moreSurgical Techniques
view channel
New Access Platform Aims to Expand Minimally Invasive Spine Surgery
Minimally invasive spine surgery reduces tissue disruption and can shorten recovery in selected patients, but scaling these procedures across facilities remains challenging. Operating room workflows often... Read more
Dual-Mobility Hip Implant Cuts Postoperative Dislocations
Femoral neck fractures, a common type of hip fracture in older adults, often require total hip replacement. Postoperative dislocation of the artificial hip remains a persistent problem that can cause severe... Read morePatient Care
view channel
AI Avatar Doctor Improves Patient Understanding Before Radiotherapy
Radiation oncology consultations require patients to grasp complex concepts quickly, yet anxiety and information overload often undermine understanding and informed consent. Poor comprehension can also... Read more
Wearable Sleep Data Predict Adherence to Pulmonary Rehabilitation
Chronic obstructive pulmonary disease (COPD) is a long-term lung disorder that makes breathing difficult and often disturbs sleep, reducing energy for daily activities. Limited engagement in pulmonary... Read morePoint of Care
view channel
New Brain Ultrasound Platform Enables Bedside Postoperative Imaging
Transporting postoperative patients for CT or MRI can create operational burdens, delays, and disruptions in care. Bedside visualization may help reduce transport demands, lower radiation exposure, and... Read more







