Skip to main content
SpringerLink
Log in
Book cover

International Conference on Computational Data and Social Networks

CSoNet 2021: Computational Data and Social Networks pp 171–183Cite as

Security Breaches in the Healthcare Domain: A Spatiotemporal Analysis

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 13116))

Abstract

Over the past several years, data breaches have grown and become more expensive in the healthcare sector. Healthcare organizations are the main target of cybercriminals due to the sensitive and valuable data, such as patient demographics, SSNs, and personal treatment records. Data breaches are costly to breached organizations and affected individuals; hospitals can suffer substantial damage after the breach, while losing customer trust. Attackers often use breached data maliciously, e.g., demanding ransom or selling patient’s information on the dark web. To this end, this paper investigates data breaches incidents in the healthcare sector, including community, federal, and non-federal hospitals. Our analysis focuses on the reasoning and vulnerabilities that lead to data breaches, including the compromised information assets, geographical distribution of incidents, size of healthcare providers, the timeline discovery of incidents, and the discovery tools for external and internal incidents. We use correlation to examine the impact of several dimensions on data breaches. Among other interesting findings, our in-depth analysis and measurements revealed that the average number of data breaches in the United States is significantly higher than in the rest of the world, and the size of the health provider, accounting for factors such as the population and number of adults in a region, highly influences the level of exposure to data breaches in each state.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   64.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   84.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Adebayo, A.O.: A foundation for breach data analysis. J. Inf. Eng. Appl. 2(4), 17–23 (2012)

    Google Scholar 

  2. Alkinoon, M., Choi, S.J., Mohaisen, D.: Measuring healthcare data breaches. In: Kim, H. (ed.) WISA 2021. LNCS, vol. 13009, pp. 265–277. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-89432-0_22

    Chapter  Google Scholar 

  3. Chernyshev, M., Zeadally, S., Baig, Z.: Healthcare data breaches: implications for digital forensic readiness. J. Med. Syst. 43(1), 1–12 (2019)

    Article  Google Scholar 

  4. Choi, S.J., Johnson, M.E.: Understanding the relationship between data breaches and hospital advertising expenditures. Am. J. Manag. Care 25(5), e14–e20 (2019)

    Google Scholar 

  5. Employers Council: What is the definition of a health plan under HIPAA? (2015). https://bit.ly/3Aherpb

  6. Coventry, L., Branley, D.: Cybersecurity in healthcare: a narrative review of trends, threats and ways forward. PubMed, April 2018. https://doi.org/10.1016/j.maturitas.2018.04.008

  7. Developers: International organization for standardization: 3,166 country codes (2021). https://bit.ly/3Eoem5J

  8. Verizon Enterprise: Verizon data breach investigations report (2021). https://vz.to/3AvCNfn

  9. Gwebu, K., Barrows, C.W.: Data breaches in hospitality: is the industry different? J. Hosp. Tour. Technol. (2020)

    Google Scholar 

  10. (HC3), Health Sector Cybersecurity Coordination Center: A cost analysis of healthcare sector data breaches (2019). https://bit.ly/3hHpJMj

  11. Kamoun, F., Nicho, M.: Human and organizational factors of healthcare data breaches: the swiss cheese model of data breach causation and prevention. Int. J. Healthc. Inf. Syst. Inform. (IJHISI) 9(1), 42–60 (2014)

    Article  Google Scholar 

  12. Luo, E., Bhuiyan, M.Z.A., Wang, G., Rahman, M.A., Wu, J., Atiquzzaman, M.: PrivacyProtector: privacy-protected patient data collection in IoT-based healthcare systems. IEEE Commun. Mag. 56(2), 163–168 (2018)

    Article  Google Scholar 

  13. Makridis, C., Dean, B.: Measuring the economic effects of data breaches on firm outcomes. J. Econ. Soc. Meas. 43(1–2), 59–83 (2018)

    Article  Google Scholar 

  14. McLeod, A., Dolezel, D.: Cyber-analytics: modeling factors associated with healthcare data breaches. Decis. Support Syst. 108, 57–68 (2018). https://doi.org/10.1016/j.dss.2018.02.007

    Article  Google Scholar 

  15. Menachemi, N., Collum, T.H.: Benefits and drawbacks of electronic health record systems (2011). https://bit.ly/3EscQ2k

  16. Office for Civil Rights: Breach notification rule (2013). https://bit.ly/3jCpHXI

  17. Rank, N.P.D.: NPDB guide book (2021). https://bit.ly/2XwgTdw

  18. Sarabi, A., Naghizadeh, P., Liu, Y., Liu, M.: Risky business: fine-grained data breach prediction using business profiles. J. Cybersecur. 2(1), 15–28 (2016)

    Article  Google Scholar 

  19. Seh, A.H., et al.: Healthcare data breaches: insights and implications. Healthcare 8, 133 (2020). https://doi.org/10.3390/healthcare8020133

    Article  Google Scholar 

  20. Seh, A.H., et al.: Healthcare data breaches: insights and implications. In: Healthcare. vol. 8, p. 133. Multidisciplinary Digital Publishing Institute (2020)

    Google Scholar 

  21. Siddartha, B.K., Ravikumar, G.K.: Analysis of masking techniques to find out security and other efficiency issues in healthcare domain. In: Third International conference on I-SMAC, pp. 660–666 (2019). https://doi.org/10.1109/I-SMAC47947.2019.9032431

  22. Smith, T.: Examining data privacy breaches in healthcare. Ph.D. thesis, Walden U. (2016)

    Google Scholar 

  23. U.S. HHS: Business associate contracts (2013). https://bit.ly/3ChsJH9

  24. U.S. HHS: Business associates (2019). https://bit.ly/3tM4PQV

  25. Walker-Roberts, S., Hammoudeh, M., Aldabbas, O., Aydin, M., Dehghantanha, A.: Threats on the horizon: understanding security threats in the era of cyber-physical systems. J. Supercomput. 76(4), 2643–2664 (2020). https://doi.org/10.1007/s11227-019-03028-9

    Article  Google Scholar 

  26. Walker-Roberts, S., Hammoudeh, M., Dehghantanha, A.: A systematic review of the availability and efficacy of countermeasures to internal threats in healthcare critical infrastructure. IEEE Access 6, 25167–25177 (2018)

    Article  Google Scholar 

  27. Wikina, S.B.: What caused the breach? An examination of use of information technology and health data breaches. Perspect. Health Inf. Manag. 11(Fall), 1–16 (2014)

    Google Scholar 

  28. Yesmin, T., Carter, M.W.: Evaluation framework for automatic privacy auditing tools for hospital data breach detections: a case study. Int. J. Med. Inform. 138, 104123 (2020)

    Article  Google Scholar 

Download references

Acknowledgement

This work was supported by NRF-2016K1A1A2912757.

Author information

Authors and Affiliations

  1. University of Central Florida, Orlando, USA

    Mohammed Al Kinoon, Marwan Omar & David Mohaisen

  2. Northeastern Illinois University, Chicago, USA

    Manar Mohaisen

Authors
  1. Mohammed Al Kinoon
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Marwan Omar
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Manar Mohaisen
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. David Mohaisen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mohammed Al Kinoon .

Editor information

Editors and Affiliations

  1. University of Central Florida, Orlando, FL, USA

    David Mohaisen

  2. Kent State University, Kent, OH, USA

    Ruoming Jin

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Al Kinoon, M., Omar, M., Mohaisen, M., Mohaisen, D. (2021). Security Breaches in the Healthcare Domain: A Spatiotemporal Analysis. In: Mohaisen, D., Jin, R. (eds) Computational Data and Social Networks. CSoNet 2021. Lecture Notes in Computer Science(), vol 13116. Springer, Cham. https://doi.org/10.1007/978-3-030-91434-9_16

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-91434-9_16

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-91433-2

  • Online ISBN: 978-3-030-91434-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation