Data breach remediation efforts and their implications for hospital quality

Sung J. Choi, M. Eric Johnson, Christoph U. Lehmann

Research output: Contribution to journalArticle

1 Scopus citations

Abstract

Objective: To estimate the relationship between breach remediation efforts and hospital care quality. Data Sources: Department of Health and Human Services’ (HHS) public database on hospital data breaches and Medicare Compare's public data on hospital quality measures for 2012-2016. Materials and Methods: Data breach data were merged with the Medicare Compare data for years 2012-2016, yielding a panel of 3025 hospitals with 14 297 unique hospital-year observations. Study Design: The relationship between breach remediation and hospital quality was estimated using a difference-in-differences regression. Hospital quality was measured by 30-day acute myocardial infarction mortality rate and time from door to electrocardiogram. Principal Findings: Hospital time-to-electrocardiogram increased as much as 2.7 minutes and 30-day acute myocardial infarction mortality increased as much as 0.36 percentage points during the 3-year window following a breach. Conclusion: Breach remediation efforts were associated with deterioration in timeliness of care and patient outcomes. Thus, breached hospitals and HHS oversight should carefully evaluate remedial security initiatives to achieve better data security without negatively affecting patient outcomes.

Original languageEnglish (US)
Pages (from-to)971-980
Number of pages10
JournalHealth Services Research
Volume54
Issue number5
DOIs
Publication statusPublished - Oct 1 2019
Externally publishedYes

    Fingerprint

Keywords

  • data breach
  • privacy
  • quality of care
  • security

ASJC Scopus subject areas

  • Health Policy

Cite this