Human and Organizational Factors of Healthcare Data Breaches

Author(s):  
Faouzi Kamoun ◽  
Mathew Nicho

Over the past few years, concerns related to healthcare data privacy have been mounting since healthcare information has become more digitized, distributed and mobile. However, very little is known about the root cause of data breach incidents, making it difficult for healthcare organizations to establish proper security controls and defenses. Through a systematic review and synthesis of data breaches literature, and using databases of earlier reported healthcare data breaches, the authors re-examine and analyze the causal factors behind healthcare data breaches. The authors then use the Swiss Cheese Model (SCM) to shed light on the technical, organizational and human factors of these breaches. The authors' research suggests that incorporating the SCM concepts into the healthcare security policies and procedures can assist healthcare providers in assessing the vulnerabilities and risks associated with the maintenance and transmission of protected health information.

2016 ◽  
pp. 1299-1319
Author(s):  
Faouzi Kamoun ◽  
Mathew Nicho



Author(s):  
Faouzi Kamoun ◽  
Mathew Nicho

The healthcare industry has been lagging behind other industries in protecting its vital data. Over the past few years, researchers and practitioners have been trying to gain a better understanding of the anatomy of healthcare data breaches. In this chapter, the authors show how Reason's Swiss cheese model (SCM) provides a powerful analytic model to explain the human, technical, and organizational factors of healthcare data breaches. They also show how the SCM brings forward the latent conditions of healthcare data breach incidents that have often been overlooked in previous studies. Based on an extensive literature review and an analysis of reported breaches from credible sources, the authors provide an explanation of the cheese layers and the associated holes. Since the SCM endorses the “defenses in depth” approach, it can assist healthcare organizations and business associates in developing a comprehensive and systematic approach to prevent and mitigate data breach incidents.


Author(s):  
S. Karthiga Devi ◽  
B. Arputhamary

Today the volume of healthcare data generated has increased rapidly because the number of patients in each hospital is increasing. These data are most important for decision making and delivering the best care for patients. Healthcare providers are now faced with collecting, managing, storing and securing huge amounts of sensitive protected health information. As a result, an increasing number of healthcare organizations are turning to cloud-based services. Cloud computing offers a viable, secure alternative to premise-based healthcare solutions. Cloud infrastructure is characterized by high-volume storage and high throughput. Privacy and security are the two most important concerns in cloud-based healthcare services. Healthcare organizations should have electronic medical records in order to use the cloud infrastructure. This paper surveys the challenges of cloud in healthcare and the benefits of cloud techniques in health care industries.


Author(s):  
M. Pavithra ◽  
E. S. Shamila ◽  
G. Krishna Priya ◽  
G. VijiPriya ◽  
R. Ashwini

‘Big data’ is massive amounts of information that can work wonders. It has become a topic of special interest for the past two decades because of a great potential that is hidden in it. Various public and private sector industries generate, store, and analyze big data with an aim to improve the services they provide. In the healthcare industry, various sources for big data include hospital records, medical records of patients, and results of medical examinations, and devices that are a part of internet of things. Biomedical research also generates a significant portion of big data relevant to public healthcare. This data requires proper management and analysis in order to derive meaningful information. Otherwise, seeking a solution by analyzing big data quickly becomes comparable to finding a needle in the haystack. There are various challenges associated with each step of handling big data which can only be surpassed by using high-end computing solutions for big data analysis. That is why, to provide relevant solutions for improving public health, healthcare providers are required to be fully equipped with appropriate infrastructure to systematically generate and analyze big data. An efficient management, analysis, and interpretation of big data can change the game by opening new avenues for modern healthcare. That is exactly why various industries, including the healthcare industry, are taking vigorous steps to convert this potential into better services and financial advantages. With a strong integration of biomedical and healthcare data, modern healthcare organizations can possibly revolutionize the medical therapies and personalized medicine.


2019 ◽  
Vol 29 (Supplement_3) ◽  
pp. 23-27 ◽  
Author(s):  
Roberta Pastorino ◽  
Corrado De Vito ◽  
Giuseppe Migliara ◽  
Katrin Glocker ◽  
Ilona Binenbaum ◽  
...  

Abstract: Healthcare systems around the world are facing incredible challenges due to the ageing population and the related disability, and the increasing use of technologies and citizens’ expectations. Improving health outcomes while containing costs acts as a stumbling block. In this context, Big Data can help healthcare providers meet these goals in unprecedented ways. The potential of Big Data in healthcare relies on the ability to detect patterns and to turn high volumes of data into actionable knowledge for precision medicine and decision makers. In several contexts, the use of Big Data in healthcare is already offering solutions for the improvement of patient care and the generation of value in healthcare organizations. This approach requires, however, that all the relevant stakeholders collaborate and adapt the design and performance of their systems. They must build the technological infrastructure to house and converge the massive volume of healthcare data, and invest in the human capital to guide citizens into this new frontier of human health and well-being. The present work reports an overview of best practice initiatives in Europe related to Big Data analytics in public health and oncology sectors, aimed to generate new knowledge, improve clinical care and streamline public health surveillance.


Author(s):  
Sharafat Hussain ◽  
Prof. Mohd. Abdul Azeem

Adoption of social media amongst health care organizations is thriving. Healthcare providers have begun to connect with patients via social media. While some healthcare organizations have taken the initiative, numerous others are attempting to comprehend this new medium of opportunity. These organizations are finding that social networking can be an effective way to monitor their brand, connect with patients and the community, educate patients, and acquire new talent. This study is conducted to identify the purpose of using social media, concerns, policy and its implementation and the overall experience of healthcare organizations with social media. To collect first-hand data, an online questionnaire was sent via LinkedIn to 400 US healthcare organizations and representatives, of which 117 responded and were taken forward for analysis. The results of this study confirm the thriving adoption, increased opportunities and cautious use of social media by healthcare organizations. The potential benefits outweigh the risks and concerns associated with it. The study concluded that social media presence will continue to grow into the future and the field of healthcare is no exception.


2021 ◽  
Vol 9 (1) ◽  
Author(s):  
Scott Monteith ◽  
Tasha Glenn ◽  
John Geddes ◽  
Emanuel Severus ◽  
Peter C. Whybrow ◽  
...  

Abstract. Background: Internet of Things (IoT) devices for remote monitoring, diagnosis, and treatment are widely viewed as an important future direction for medicine, including for bipolar disorder and other mental illness. The number of smart, connected devices is expanding rapidly. IoT devices are being introduced in all aspects of everyday life, including devices in the home and wearables on the body. IoT devices are increasingly used in psychiatric research, and in the future may help to detect emotional reactions, mood states, stress, and cognitive abilities. This narrative review discusses some of the important fundamental issues related to the rapid growth of IoT devices. Main body: Articles were searched between December 2019 and February 2020. Topics discussed include background on the growth of IoT, the security, safety and privacy issues related to IoT devices, and the new roles in the IoT economy for manufacturers, patients, and healthcare organizations. Conclusions: The use of IoT devices will increase throughout psychiatry. The scale, complexity and passive nature of data collection with IoT devices present unique challenges related to security, privacy and personal safety. While the IoT offers many potential benefits, there are risks associated with IoT devices, and from the connectivity between patients, healthcare providers, and device makers. Security, privacy and personal safety issues related to IoT devices are changing the roles of manufacturers, patients, physicians and healthcare IT organizations. Effective and safe use of IoT devices in psychiatry requires an understanding of these changes.


2006 ◽  
Vol 45 (03) ◽  
pp. 240-245 ◽  
Author(s):  
A. Shabo

Summary Objectives: This paper pursues the challenge of sustaining lifetime electronic health records (EHRs) based on a comprehensive socio-economic-medico-legal model. The notion of a lifetime EHR extends the emerging concept of a longitudinal and cross-institutional EHR and is invaluable information for increasing patient safety and quality of care. Methods: The challenge is how to compile and sustain a coherent EHR across the lifetime of an individual. Several existing and hypothetical models are described, analyzed and compared in an attempt to suggest a preferred approach. Results: The vision is that lifetime EHRs should be sustained by new players in the healthcare arena, who will function as independent health record banks (IHRBs). Multiple competing IHRBs would be established and regulated following preemptive legislation. They should be neither owned by healthcare providers nor by health insurer/payers or government agencies. The new legislation should also stipulate that the records located in these banks be considered the medico-legal copies of an individual’s records, and that healthcare providers no longer serve as the legal record keepers. Conclusions: The proposed model is not centered on any of the current players in the field; instead, it is focussed on the objective service of sustaining individual EHRs, much like financial banks maintain and manage financial assets. This revolutionary structure provides two main benefits: 1) Healthcare organizations will be able to cut the costs of long-term record keeping, and 2) healthcare providers will be able to provide better care based on the availability of a lifelong EHR of their new patients.


2021 ◽  
Vol 10 (1) ◽  
Author(s):  
Edward Barayev ◽  
Omri Shental ◽  
Dotan Yaari ◽  
Elchanan Zloczower ◽  
Itai Shemesh ◽  
...  

Abstract. Background: Telemedicine has become an integral part of health care delivery in recent years. One of the leading applications for this use is WhatsApp, a free smartphone application that allows instant messaging with pictures and videos. This study analyzed the emerging role of WhatsApp in reducing the need for referrals to medical specialists and compared the views of physicians regarding WhatsApp consultations. Methods: A cross-sectional study based on an anonymous web survey was conducted among PCPs and medical specialists working in the Israel Defense Forces Medical Corps during September and October 2019. Results: Of 201 participants, 153 were PCPs and 48 were medical specialists. 86.9 % of PCPs and 86.5 % of specialists used WhatsApp every day in professional settings. Added workload, potential breaching of patient confidentiality and lack of full documentation of consultations were the main concerns among physicians using the application. 60.7 % of PCPs and 95.7 % of specialists stated that these consultations have reduced the need for in-person appointments at least once a week. Conclusions: In times of COVID-19 that require social distancing, WhatsApp provides a simple, readily available platform for consultations between healthcare providers, even to the extent of rendering some in-person appointments unnecessary. Healthcare organizations should address the matters troubling healthcare providers, mainly patient confidentiality and lack of documentation in patients’ medical records, while providing adequate compensation for those providing the service during and after work hours.


2021 ◽  
Vol 3 (2) ◽  
pp. 28-45
Author(s):  
Young B. Choi ◽  
Christopher E. Williams

Data breaches have a profound effect on businesses associated with industries like the US healthcare system. This task extends more pressure on healthcare providers as they continue to gain unprecedented access to patient data, as the US healthcare system integrates further into the digital realm. Pressure has also led to the creation of the Health Insurance Portability and Accountability Act, Omnibus Rule, and Health Information Technology for Economic and Clinical Health laws. The Defense Information Systems Agency also develops and maintains security technical implementation guides that are consistent with DoD cybersecurity policies, standards, architectures, security controls, and validation procedures. The objective is to design a network (physician's office) in order to meet the complexity standards and unpredictable measures posed by attackers. Additionally, the network must adhere to HIPAA security and privacy requirements required by law. Successful implementation of network design will articulate comprehension requirements of information assurance security and control.

