Electronic Medical Records Breaches in the US Healthcare Ecosystem
(A2019-9353)

AUTHORS

Nour Alrabie, TSM-Research, Université Toulouse Capitole, CNRS; Julien Cloarec, TSM-Research, Université Toulouse Capitole, CNRS

KEYWORDS

Electronic Medical Records; Data Breaches; Neo-Institutional Theory

ABSTRACT

Electronic Medical Records (EMRs) are the most significant innovation in digital health. Their implementation allows both improved patient care and reduced health cost, and facilitates medical decision-making. Despite these qualities, the anonymization of EMRs is not effective. Health data breaches represent a quarter of all data breaches, which can increase patients’ privacy concerns and lead to the rejection of EMRs. Surprisingly, the literature under-investigates health data breaches aside from healthcare providers. Our exploratory study aims to classify EMRs breaches in a healthcare ecosystem. We used the publicly available data of the U.S. Department of Health and Human Services Office for Civil Rights from 2010 to 2017. A classification analysis was conducted with a final sample composed of 139 EMRs breaches. We show that researchers and policymakers should pay more attention to business associates and health plans. Despite their small number of EMRs breaches, the average number of harmed patients is incredibly high.