Hospitals put your data at risk, study finds

April 6, 2017 by Xuefeng Jiang , Caroline Brooks , Andy Henion, Michigan State University

Lying in a hospital bed, the last thing you should have to worry about is a personal data breach. Yet recent research co-authored by a Michigan State University business scholar found nearly 1,800 occurrences of large data breaches in patient information over a seven-year period.

The study, by Xuefeng "John" Jiang, MSU associate professor of accounting, and colleagues from Johns Hopkins and Ball State universities, is published in JAMA Internal Medicine. The data breaches occurred in facilities ranging from UC Davis Medical Center in California to Henry Ford Hospital in Michigan.

"Our findings underscore the critical need for increased data protection in the health care industry," Jiang said. "While the law requires and systems to cross-share patient data, the more people who can access data, the less secure it is."

The researchers examined Department of Health and Human Services data for the period October 2009-December 2016. By law, hospitals covered by the Health Insurance Portability and Accountability Act, or HIPPA, must notify HHS of any affecting 500 or more individuals within 60 days from the discovery of the breach.

What they found was alarming:

  • Healthcare providers reported 1,225 of the 1,798 recorded breaches, while business associates, plans and healthcare clearinghouses reported the rest.
  • 257 breaches reported by 216 hospitals.
  • 33 hospitals experienced more than one breach - many of which are large, major teaching hospitals.

This research reinforces the critical trade-off patients face: healthcare systems having access to information they need, versus a hacker planning to spend your savings at Best Buy.

Explore further: Repeat data breaches among health care orgs down

Related Stories

Repeat data breaches among health care orgs down

May 4, 2014
(HealthDay)—Most health care organizations report having at least one recent data breach, but the number of organizations with more than five breaches has decreased, according to an article published April 8 in Medical ...

CareFirst says data breach affects about 1.1M people

May 20, 2015
In the latest disclosure of a cyberattack against a health insurer, CareFirst BlueCross BlueShield says that attackers gained access to a database that included the names of 1.1 million people.

Increase seen in data breaches of health information

April 14, 2015
Between 2010 and 2013, data breaches of protected health information reported by HIPAA-covered entities increased and involved approximately 29 million records, with most data breaches resulting from overt criminal activity, ...

Medicaid expansion brought across-the-board relief for Michigan hospitals, study finds

June 21, 2016
It happened fast. It happened in nearly every hospital in the state of Michigan. And it didn't come with dreaded side effects.

Recommended for you

New research suggests possible link between sudden infant death syndrome and air pollution

April 20, 2018
A study led by the University of Birmingham suggests a possible association between exposure to certain pollutants and an increased risk of so-called 'cot death'.

For heavy lifting, use exoskeletons with caution

April 20, 2018
You can wear an exoskeleton, but it won't turn you into a superhero.

A dose of empathy may support patients in pain

April 20, 2018
Research published in the Journal of the Royal Society of Medicine suggests that empathic, positive messages from doctors may be of small benefit to patients suffering from pain, and improve their satisfaction about the care ...

Male contraceptive compound stops sperm without affecting hormones

April 20, 2018
A new study published today in the journal PLOS ONE details how a compound called EP055 binds to sperm proteins to significantly slow the overall mobility of the sperm without affecting hormones, making EP055 a potential ...

New device to help patients with rare disease access life-saving treatment

April 19, 2018
Patients with a rare medical condition can receive life-saving treatment at the touch of a button thanks to a new device developed by scientists.

Age affects how we predict and respond to stress at home

April 19, 2018
A recent study finds that older adults are better than younger adults at anticipating stressful events at home - but older adults are not as good at using those predictions to reduce the adverse impacts of the stress.

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.