As if running a large academic medical center (AMC) wasn’t complicated enough, now AMC leaders have one more thing to worry about—their organizations are more susceptible to large data breaches than other providers.
So say researchers who crunched the Department of Health and Human Services' numbers. Led by Ge Bai, Ph.D., an assistant professor at the Johns Hopkins Carey Business School in the District of Columbia, they offered a rundown in a letter published in JAMA.
Between Oct. 21, 2009, and Dec. 31, 2016, 1,798 data breaches were reported. Of the 33 hospitals that were breached at least twice, many are large teaching hospitals.
“Hospital size and major teaching status were positively associated with the risk of data breaches,” the authors concluded.
The authors noted there’s a “fundamental trade-off” between data security and data access.
“Broad access to health information, essential for hospitals’ quality improvement efforts and research and education needs, inevitably increases risks for data breaches and makes “zero breach” an extremely challenging objective,” they wrote. “The evolving landscape of breach activity, detection, management and response requires hospitals to continuously evaluate their risks and apply best data security practices.”