Abstract

Healthcare organizations face rising cybersecurity threats due to sensitive patient data, regulatory pressures, and rapid digitalization. While prior research highlights technical and organizational drivers of breach risk, less is known about how cybersecurity workforce configurations, risk management functions, and AI/ML adoption jointly shape breach outcomes. We theorize that (1) greater proportions of internal and external cybersecurity employees and (2) the presence of Security Operations Centers and Third-Party Risk Management programs reduce data breach risk, and that AI/ML adoption strengthens these effects. Using a hospital-year panel dataset combining the American Hospital Association survey and Privacy Rights Clearinghouse breach data, we aim to estimate a discrete-time hazard model to examine breach likelihood. Our findings offer new insights into how workforce structures and governance routines, amplified by AI/ML adoption, mitigate data breach risk in healthcare. This study contributes to the IS literature by integrating human, organizational, and technological factors in cybersecurity strategy.

Download

Share

COinS