Hospitals Face Increased Risk of Data Breaches
|
By HospiMedica International staff writers Posted on 26 Apr 2017 |
A new study suggests that as health providers adopt health information technology, they increasingly suffer from data breaches.
Researchers at Michigan State University, Ball State University, and Johns Hopkins University conducted a retrospective data analysis of data breaches reported to the U.S. Department of Health and Human Services between October 2009 and December 2016. By law, U.S. hospitals covered by the Health Insurance Portability and Accountability Act (HIPPA), must notify the HHS of any breach affecting 500 or more individuals within 60 days of the discovery of the breach.
The results revealed that during the study period, healthcare providers reported 1,225 of the 1,798 recorded breaches, while business associates, health plans, and healthcare clearinghouses reported the remaining 573 data breaches. Of these, 257 breaches were reported by 216 hospitals; importantly, 33 hospitals experienced more than one breach, many of them large, major teaching hospitals, such as UC Davis Medical Center (CA, USA) and Henry Ford Hospital (Detroit, MI, USA). The study was published on April 3, 2017, in JAMA Internal Medicine.
“This research reinforces the critical trade-off patient’s face: healthcare systems having access to information they need, versus a hacker planning to spend your savings at Best Buy,” said lead author Xuefeng Jiang, PhD, of MSU, and colleagues. “While the law requires health care professionals and systems to cross-share patient data, the more people who can access data, the less secure it is.”
A data breach is defined as a security incident in which sensitive, protected, or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so. Data breaches may involve financial information such as credit card or bank details, personal health information, personally identifiable information, trade secrets of corporations, or intellectual property.
Researchers at Michigan State University, Ball State University, and Johns Hopkins University conducted a retrospective data analysis of data breaches reported to the U.S. Department of Health and Human Services between October 2009 and December 2016. By law, U.S. hospitals covered by the Health Insurance Portability and Accountability Act (HIPPA), must notify the HHS of any breach affecting 500 or more individuals within 60 days of the discovery of the breach.
The results revealed that during the study period, healthcare providers reported 1,225 of the 1,798 recorded breaches, while business associates, health plans, and healthcare clearinghouses reported the remaining 573 data breaches. Of these, 257 breaches were reported by 216 hospitals; importantly, 33 hospitals experienced more than one breach, many of them large, major teaching hospitals, such as UC Davis Medical Center (CA, USA) and Henry Ford Hospital (Detroit, MI, USA). The study was published on April 3, 2017, in JAMA Internal Medicine.
“This research reinforces the critical trade-off patient’s face: healthcare systems having access to information they need, versus a hacker planning to spend your savings at Best Buy,” said lead author Xuefeng Jiang, PhD, of MSU, and colleagues. “While the law requires health care professionals and systems to cross-share patient data, the more people who can access data, the less secure it is.”
A data breach is defined as a security incident in which sensitive, protected, or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so. Data breaches may involve financial information such as credit card or bank details, personal health information, personally identifiable information, trade secrets of corporations, or intellectual property.
Latest Health IT News
- Digital Heart Model Supports Targeted Ablation in Atrial Fibrillation
- AI Framework Helps Clinicians Create Trustworthy Risk Prediction Tools
- AI Tool Screens for Primary Aldosteronism Using Routine EHR Data
- AI-Enabled ECG Software Predicts One-Year Atrial Fibrillation Risk
- AI-Native EHR Achieves EU Medical Device Certification
- EHR-Integrated Screening Workflow Detects Cognitive Impairment at Admission
- AI System Detects and Quantifies Chronic Subdural Hematoma
- Continuous Monitoring Platform Detects Infection Risk Across Care Transitions
- Automated System Classifies and Tracks Cardiogenic Shock Across Hospital Settings
- Voice-Driven AI System Enables Structured GI Procedure Documentation
- EMR-Based Tool Predicts Graft Failure After Kidney Transplant
Channels
Artificial Intelligence
view channel
AI Trends Report Guides Responsible, Effective Healthcare Deployment
Hospitals are under growing pressure to adopt artificial intelligence tools that improve safety, efficiency, and continuity of care without compromising quality. At the same time, clinicians need clearer... Read more
Privacy-Preserving AI Protects Sensitive Information in ECG Data
Artificial intelligence applied to electrocardiography can extract more than cardiac rhythm. Algorithms can infer age, sex, race, and even identity from electrocardiogram (ECG) signals, creating privacy... Read moreCritical Care
view channel
Medical Drone Program Improves Blood Access and Patient Survival
Delayed access to blood products can be fatal for patients with postpartum hemorrhage and traumatic bleeding, and it also drives waste in hospital inventories. Rwanda’s mountainous terrain has historically... Read more
FDA Clears Tongue-Applied Neuromodulation System for Stroke Gait Rehabilitation
Gait impairment after stroke is a persistent driver of fall risk, loss of independence, and reduced quality of life. Despite structured rehabilitation, many adults continue to experience dynamic gait deficits... Read moreSurgical Techniques
view channel
Intravesical CAR T Therapy Shows Promise for Bladder Cancer Treatment
Bladder cancer is common and frequently recurs after initial therapy, exposing patients to repeated procedures and cumulative toxicity. High‑risk disease often progresses despite intravesical drugs or... Read more
Living Valve Surgery Delivers Durable Outcomes for Aortic Valve Disease
Aortic valve disease can lead to heart failure, impaired quality of life, and early mortality if untreated, yet standard replacement options often require trade-offs among durability, anticoagulation,... Read morePatient Care
view channel
AI Avatar Doctor Improves Patient Understanding Before Radiotherapy
Radiation oncology consultations require patients to grasp complex concepts quickly, yet anxiety and information overload often undermine understanding and informed consent. Poor comprehension can also... Read more
Wearable Sleep Data Predict Adherence to Pulmonary Rehabilitation
Chronic obstructive pulmonary disease (COPD) is a long-term lung disorder that makes breathing difficult and often disturbs sleep, reducing energy for daily activities. Limited engagement in pulmonary... Read morePoint of Care
view channel
AI Dermatology Platform Targets Early Detection of Non-Melanoma Skin Cancer
Keratinocyte skin cancers, including basal cell and squamous cell carcinoma, account for a substantial share of dermatology workload in the United States and require accurate triage to guide biopsy decisions.... Read more







