Currently Viewing:
The American Journal of Managed Care February 2018
Community Navigators Reduce Hospital Utilization in Super-Utilizers
Michael P. Thompson, PhD; Pradeep S.B. Podila, MS, MHA; Chip Clay, MDiv, BCC; Joy Sharp, BS; Sandra Bailey-DeLeeuw, MSHS; Armika J. Berkley, MPH; Bobby G. Baker, DMin, BCC; and Teresa M. Waters, PhD
Cost-Effectiveness of Collaborative Care for Depression and PTSD in Military Personnel
Tara A. Lavelle, PhD; Mallika Kommareddi, MPH; Lisa H. Jaycox, PhD; Bradley Belsher, PhD; Michael C. Freed, PhD; and Charles C. Engel, MD, MPH
Currently Reading
Data Breach Locations, Types, and Associated Characteristics Among US Hospitals
Meghan Hufstader Gabriel, PhD; Alice Noblin, PhD, RHIA, CCS; Ashley Rutherford, PhD, MPH; Amanda Walden, MSHSA, RHIA, CHDA; and Kendall Cortelyou-Ward, PhD
Pricing of Monoclonal Antibody Therapies: Higher If Used for Cancer?
Inmaculada Hernandez, PharmD, PhD; Samuel W. Bott, BS; Anish S. Patel, BS; Collin G. Wolf, BS; Alexa R. Hospodar, BS; Shivani Sampathkumar, BS; and William H. Shrank, MD, MSHS
Leveraging Benefit Design for Better Diabetes Self-Management and A1C Control
Abiy Agiro, PhD; Yiqiong Xie, PhD; Kevin Bowman, MD; and Andrea DeVries, PhD
Development of a Tailored Survey to Evaluate a Patient-Centered Initiative
Marcy Winget, PhD; Farnoosh Haji-Sheikhi, MS; and Steve M. Asch, MD, MPH
Claims-Based Risk Model for First Severe COPD Exacerbation
Richard H. Stanford, PharmD, MS; Arpita Nag, PhD, MBA, MS; Douglas W. Mapel, MD; Todd A. Lee, PhD; Richard Rosiello, MD; Michael Schatz, MD; Francis Vekeman, MS; Marjolaine Gauthier-Loiselle, PhD; J.F. Philip Merrigan, PhD; and Mei Sheng Duh, ScD
Impact of Telephonic Comprehensive Medication Reviews on Patient Outcomes
Evan A. DeZeeuw, PharmD; Ashley M. Coleman, PharmD; and Milap C. Nahata, PharmD, MS
Variation in Markups on Outpatient Oncology Services in the United States
Angela Park; Tim Xu, MD, MPP; Michael Poku, MD, MBA; James Taylor, MBBChir, MPH, MRCS(Eng); and Martin A. Makary, MD, MPH

Data Breach Locations, Types, and Associated Characteristics Among US Hospitals

Meghan Hufstader Gabriel, PhD; Alice Noblin, PhD, RHIA, CCS; Ashley Rutherford, PhD, MPH; Amanda Walden, MSHSA, RHIA, CHDA; and Kendall Cortelyou-Ward, PhD
Despite the high level of hospital adoption of electronic health records and the federal incentives to do so, the most common type of data breach in hospitals occurred with paper records and films.
ABSTRACT

Objectives: The objectives of this study were to describe the locations in hospitals where data are breached, the types of breaches that occur most often at hospitals, and hospital characteristics, including health information technology (IT) sophistication and biometric security capabilities, that may be predicting factors of large data breaches that affect 500 or more patients.

Study Design: The Office of Civil Rights breach data from healthcare providers regarding breaches that affected 500 or more individuals from 2009 to 2016 were linked with hospital characteristics from the Health Information Management Systems Society and the American Hospital Association Health IT Supplement databases.

Methods: Descriptive statistics were used to characterize hospitals with and without breaches, data breach type, and location/mode of data breaches in hospitals. Multivariate logistic regression analysis explored hospital characteristics that were predicting factors of a data breach affecting at least 500 patients, including area characteristics, region, health system membership, size, type, biometric security use, health IT sophistication, and ownership.

Results: Of all types of healthcare providers, hospitals accounted for approximately one-third of all data breaches and hospital breaches affected the largest number of individuals. Paper and films were the most frequent location of breached data, occurring in 65 hospitals during the study period, whereas network servers were the least common location but their breaches affected the most patients overall. Adjusted multivariate results showed significant associations among data breach occurrences and some hospital characteristics, including type and size, but not others, including health IT sophistication or biometric use for security.

Conclusions: Hospitals should conduct routine audits to allow them to see their vulnerabilities before a breach occurs. Additionally, information security systems should be implemented concurrently with health information technologies. Improving access control and prioritizing patient privacy will be important steps in minimizing future breaches.

Am J Manag Care. 2018;24(2):78-84

Become a Member to see the rest of this article and get access to all of our articles and resources. Membership is Free!

 
Copyright AJMC 2006-2018 Clinical Care Targeted Communications Group, LLC. All Rights Reserved.
x
Welcome the the new and improved AJMC.com, the premier managed market network. Tell us about yourself so that we can serve you better.
Sign Up
×

Sign In

Not a member? Sign up now!