Loading...
Paper Type
ERF
Description
What might be the root cause of the breaches in healthcare industry? Is it human negligence or technical? If it is human or insider, then what types of insider threats are there? How can these threats be detected? These are the questions this emergent research is going to address. A literature search returned very few empirical research in this area. This research analyzes the textual data as reported by the entities and examines the root causes of the data breaches. Specifically, we found nearly 40% of breaches were due to insiders. We are interested in characteristics of these insider threats since the breaches are based inside the technical perimeter of the hospital. While most research is based on numerical data, this research analyzes the textual data of breach reports. Preliminary results indicate there are different types of insider threats and awareness training has poor effectiveness.
Paper Number
1402
Recommended Citation
Chakraborty, Aindrila and White, Garry, "Root Causes of Healthcare Data Breaches – A Text Analytic Approach" (2023). AMCIS 2023 Proceedings. 14.
https://aisel.aisnet.org/amcis2023/sig_sec/sig_sec/14
Root Causes of Healthcare Data Breaches – A Text Analytic Approach
What might be the root cause of the breaches in healthcare industry? Is it human negligence or technical? If it is human or insider, then what types of insider threats are there? How can these threats be detected? These are the questions this emergent research is going to address. A literature search returned very few empirical research in this area. This research analyzes the textual data as reported by the entities and examines the root causes of the data breaches. Specifically, we found nearly 40% of breaches were due to insiders. We are interested in characteristics of these insider threats since the breaches are based inside the technical perimeter of the hospital. While most research is based on numerical data, this research analyzes the textual data of breach reports. Preliminary results indicate there are different types of insider threats and awareness training has poor effectiveness.
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.
Comments
SIG SEC