The compromise of personal data has been a major concern across most organizations after the introduction of information technology in their data management systems. Though the electronic method of maintaining customer information have increased efficiency, the data breach incidents across several business sectors have resulted into huge financial loss for multiple organizations. Information security regulations have been introduced periodically to control data breach occurrences in different business sectors. We aim to study the effect of regulations on data breaches that have taken place across multiple organizations and business sectors. Data breaches collected from the public websites have been utilized in the empirical analysis to study the effect of regulations on data breach occurrences. Our research indicates that both state and federal regulations helps to reduce breaches but their combined effect is more significant on reducing them. The effect of increased set of regulations in finance and healthcare industries like PCI and HITECH Act have been studied in this research. Other than regulations, external factors like population seem to influence data breach incidents. It has also been empirically analyzed that regulations have a more significant effect on accidental breaches than breaches performed with malicious intent.
Choudhury, Ananya Sinha and Kwon, Juhee, "A STUDY OF THE EFFECT OF REGULATIONS ON DIFFERENT TYPES OF INFORMATION SECURITY BREACHES ACROSS DIFFERENT BUSINESS SECTORS" (2016). PACIS 2016 Proceedings. 73.