Link Search Menu Expand Document
Publications

This is the mobile-friendly web version of the original article.

Impact of Information Breaches on Health Care Records

Walden University, ScholarWorks

Walden Dissertations and Doctoral Studies, Walden Dissertations and Doctoral Studies Collection

2021

Anton Antony Arockiasamy

Walden University
Linkedin

Video: You’re Ready for Your Degree; Walden is Ready for You

This Dissertation is brought to you for free and open access by the Walden Dissertations and Doctoral Studies Collection at ScholarWorks. It has been accepted for inclusion in Walden Dissertations and Doctoral Studies by an authorized administrator of ScholarWorks. For more information, please contact [email protected].

  1. Abstract
  2. Dedication
  3. Acknowledgments
  4. Table of Contents
  5. List of Tables
  6. List of Figures

Walden University

College of Management and Technology

This is to certify that the doctoral dissertation by

Anton Antony Arockiasamy

has been found to be complete and satisfactory in all respects, and that any and all revisions required by the review committee have been made.

Review Committee Dr. Aridaman Jain, Committee Chairperson, Management Faculty Dr. Robert Levasseur, Committee Member, Management Faculty Dr. Jean Gordon, University Reviewer, Management Faculty

Chief Academic Officer and Provost Sue Subocz, Ph.D.

Walden University 2021

Abstract Impact of Information Breaches on Health Care Records

by

Anton Antony Arockiasamy

Mini-MBA, Rutgers University, 2012 MS, Birla Institute of Technology and Science, 2011 MBA, Annamalai University, 2009 BE, Anna University, 2007

Dissertation Submitted in Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy Management

Walden University February 2021

Abstract

Although there were almost 3.5 million reported information breaches of health care data in the first quarter of 2019, health care providers do not know the extent of digital and nondigital breaches of patient medical records. The purpose of this quantitative, comparative study was to identify the difference between the individual patient records affected by digital versus nondigital breaches for three types of health care entities in the United States, health care providers, health care plans, and health care clearinghouses. Allman’s privacy regulation theory, the National Institute of Standards and Technology Privacy Framework, and ecological systems theory comprised the theoretical framework. The focus of the research questions was on the difference between digital and nondigital breaches for each of the health care entities. The study data consisted of 2,601 digital and nondigital breach reports for the three healthcare entities for the years 2010 to 2018 retrieved from the public database of HIPAA breach and violations maintained by the U.S. Department of Health and Human Services. Significant t tests of the hypotheses for each health care entity indicated that more breaches occurred digitally than nondigitally, and that health plan provider breaches resulted in a greater number of individuals impacted per incident than breaches of healthcare providers or healthcare clearinghouses. The implication for positive social change is that the study findings may help health care entities make better decisions about how to allocate scarce information security resources to lower health care costs by reducing the breaches of health care records.

Dedication

I dedicate this research study to my wife, Abini Cross, for her love, unwavering support, and patience during my long journey. I also dedicate this to my daughter, Amy Anton. My doctoral journey started during the same year when Amy was born. We both grew together and shared beautiful memories during this long journey. Amy has been a motivational force for me to complete my doctorate.

I also would like to dedicate this study to my brother, Frank Duff, who has suffered from hydrocephalus all his life and always reminds me of the importance of healthcare in our community. I also would like to thank my parents, Antoni and Anuncia, who emphasized the importance of education since my childhood.

I also dedicate this study to my mentor, Ramon Collante; without his support, for which I will forever be thankful, this journey would not have been possible. Above all, I am thankful that God has showered his blessings and strength on me during my doctoral journey and all my life.

Acknowledgments

I would like to acknowledge Dr. Aridaman K. Jain, my chair, for his continued support and motivation during this whole process. I would also like to thank Dr. Robert Levasseur, my second committee member, for his guidance in shaping this dissertation to be aligned with the required elements. I also would like to thank my first, second committee member, Dr. Thomas Spencer, who helped during the initial phases of this journey until his retirement. I would like to acknowledge Robert James Babin Sr., Chief Information Security Office at Saint Peter’s Healthcare System, and Dr. Capecomorin Pitchumoni for their inspiration in initiating this study based on the HIPAA security breaches.

I would like to extend my thanks to the Information Technology leadership members, William Rears, Dr. Jordan Tannenbaum, and Frank DiSanzo, from Saint Peter’s Healthcare System for their support during this doctoral journey. In addition, I would like to thank the Human Resources department at Saint Peter’s Healthcare System, especially Pam Teufel and Susan Ballestero, for facilitating the scholarship, which greatly helped during this long journey.

Table of Contents

  • List of Tables
  • List of Figures
  • Chapter 1: Introduction to the Study
    • Background of the Study
    • Problem Statement
    • Purpose of the Study
    • Research Questions and Hypotheses
    • Theoretical Foundation
    • Nature of the Study
    • Definitions
    • Assumptions
    • Scope and Delimitations
    • Limitations
    • Significance of the Study
      • Significance to Theory
      • Significance to Practice
      • Significance to Social Change
    • Summary and Transition
  • Chapter 2: Literature Review
    • Introduction
    • Literature Search Strategy
    • Theoretical Foundation
      • The NIST Privacy Framework
      • Ecological Systems Theory
    • Review of the Literature
      • Healthcare Systems Within the United States
      • Cyber Security
      • Common Types of Cyber Breaches
      • Integration of Cybersecurity
      • Effects of Cyber Breaches
    • Summary and Conclusions
  • Chapter 3: Research Method
    • Research Design and Rationale
    • Methodology
      • Population
      • Archival Data
    • Threats to Validity
    • Summary
  • Chapter 4: Results
    • Data Collection
    • Study Results
    • Summary
  • Chapter 5: Discussion, Conclusions, and Recommendations
    • Interpretation of the Findings
    • Limitations of the Study
    • Recommendations
    • Implications
    • Conclusion
  • References

List of Tables

Table 1. Descriptive Statistics of the Raw Number of Individuals Affected Based on the Type of Breach

Table 2. Independent Samples t-Test Results of the Number of Individuals Affected Based on the Type of Breach for Raw Data

Table 3. Descriptive Statistics of the 10% Trimmed Raw Number of Individuals Affected Based on the Type of Breach

Table 4. Independent Samples t-Test Results of the Number of Individuals Affected Based on the Type of Breach for 10% Trimmed Raw Data with 90% Confidence Interval

Table 5. Independent Samples t-Test Results of the Number of Individuals Affected Based on the Type of Breach for Loge of 10% Trimmed Raw Data With 90% Confidence Interval

Table 6. Descriptive Statistics of the Loge of 10% trimmed Raw Number of Individuals Affected Based on the Type of Breach

Table 7. Descriptive Statistics of the Exponential of Loge of 10% Trimmed Raw Number of Individuals Affected Based on the Type of Breach

Table 8. Summary Table for Healthcare Providers

Table 9. Descriptive Statistics of the Raw Number of Individuals Affected Based on the Type of Breach

Table 10. Independent Samples t-Test Result for the Number of Individuals Affected Based on the Type of Breach for Raw Data

Table 11. Descriptive Statistics of the 10% Trimmed Raw Number of Individuals Affected Based on the Type of Breach

Table 12. Independent Samples t-Test Result for the Number of Individuals Affected Based on the Type of Breach for 10% Trimmed Raw Data With 90% Confidence Interval

Table 13. Independent Samples t-Test Result for the Number of Individuals Affected Based on the Type of Breach for Loge of 10% Trimmed Raw Data With 90% Confidence Interval

Table 14. Descriptive Statistics of the Loge of 10% Trimmed Raw Number of Individuals Affected Based on the Type of Breach

Table 15. Descriptive Statistics of the Exponential of Loge of 10% Trimmed Raw Number of Individuals Affected Based on the Type of Breach

Table 16. Summary Table for Health Plan Providers

Table 17. Descriptive Statistics of the Raw Number of Individuals Affected Based on the Type of Breach

Table 18. Independent Samples t-Test Result for the Number of Individuals Affected Based on the Type of Breach for Raw Data

Table 19. Descriptive Statistics of the 10% Trimmed Raw Number of Individuals Affected Based on the Type of Breach

Table 20. Independent Samples t-Test Result for the Number of Individuals Affected Based on the Type of Breach for 10% Trimmed Raw Data With 90% Confidence Interval

Table 21. Independent Samples t-Test Result for the Number of Individuals Affected Based on the Type of Breach for Loge of 10% Trimmed Raw Data With 90% Confidence Interval

Table 22. Descriptive Statistics of the Loge of 10% Trimmed Raw Number of Individuals Affected Based on the Type of Breach

Table 23. Descriptive Statistics of the Exponential of Loge of 10% Trimmed Raw Number of Individuals Affected Based on the Type of Breach

Table 24. Summary Table for Healthcare Clearinghouses

List of Figures

Figure 1. Histogram of Raw Data of Health Care Providers

Figure 2. Histogram When Top 10% of the Values are Excluded

Figure 3. Histogram of Loge of Top 10% Excluded Data

Figure 4. Histogram of Raw Data Health Plan Providers

Figure 5. Histogram of Top 10% Excluded Data

Figure 6. Histogram of Loge of Top 10% Excluded Data

Figure 7. Histogram of Raw Data of Health Care Clearing Houses

Figure 8. Histogram of Top 10% Excluded Data

Figure 9. Histogram of Loge of Top 10% Excluded Data

Table of contents