Causes and Impacts of personal health Information (PHI) Breaches: A scoping review and thematic analysis

Javad K. Pool; Saeed Akhlaghpour; Farhad Fatehi; Andrew  Burton-Jones

Causes and Impacts of personal health Information (PHI) Breaches: A scoping review and thematic analysis

Javad K. Pool, Saeed Akhlaghpour, Farhad Fatehi, Andrew Burton-Jones

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

Abstract

In light of the recent high-profile data breach incidents, and newly updated mandatory data breach notification laws, considerable global attention is forming around the protection of Personal health information (PHI). PHI breaches, generally described as an impermissible use or disclosure of protected personal health information, are extremely consequential for healthcare organizations and their patients and customers. This paper reports on a scoping review and thematic analysis of the literature studying the causes and impacts of PHI breaches. We started our review by identifying over 900 relevant articles, and through a rigorous process, included 28 articles for a detailed synthesis. Our findings highlight a number of direct and indirect causes of PHI breaches and their behavioral and operational impacts. Based on these findings, gaps in the literature are identified and implications for future research are discussed.

Original language	English
Title of host publication	Proceedings of the Twenty-Third Pacific Asia Conference on Information Systems (PACIS 2019)
Editors	Dongming Xu, James Jiang, Hee-Woong Kim
Place of Publication	Atlanta, GA
Publisher	Association for Information Systems
Number of pages	14
Publication status	Published - 2019
Externally published	Yes
Event	Pacific Asia Conference on Information Systems 2019 - X'ian, China Duration: 8 Jul 2019 → 12 Jul 2019 Conference number: 23rd https://aisel.aisnet.org/pacis2019/

Conference

Conference	Pacific Asia Conference on Information Systems 2019
Abbreviated title	PACIS 2019
Country	China
City	X'ian
Period	8/07/19 → 12/07/19
Internet address	https://aisel.aisnet.org/pacis2019/

Keywords

Data breach
Digital health
Health information systems
Personal health information
Privacy
Security

Access to Document

Link to publication in Scopus

Cite this

Pool, Javad K. ; Akhlaghpour, Saeed ; Fatehi, Farhad ; Burton-Jones, Andrew . / Causes and Impacts of personal health Information (PHI) Breaches : A scoping review and thematic analysis. Proceedings of the Twenty-Third Pacific Asia Conference on Information Systems (PACIS 2019). editor / Dongming Xu ; James Jiang ; Hee-Woong Kim. Atlanta, GA : Association for Information Systems, 2019.

@inproceedings{c07270326d1f4fbcbe5036e89d3a9e47,

title = "Causes and Impacts of personal health Information (PHI) Breaches: A scoping review and thematic analysis",

abstract = "In light of the recent high-profile data breach incidents, and newly updated mandatory data breach notification laws, considerable global attention is forming around the protection of Personal health information (PHI). PHI breaches, generally described as an impermissible use or disclosure of protected personal health information, are extremely consequential for healthcare organizations and their patients and customers. This paper reports on a scoping review and thematic analysis of the literature studying the causes and impacts of PHI breaches. We started our review by identifying over 900 relevant articles, and through a rigorous process, included 28 articles for a detailed synthesis. Our findings highlight a number of direct and indirect causes of PHI breaches and their behavioral and operational impacts. Based on these findings, gaps in the literature are identified and implications for future research are discussed.",

keywords = "Data breach, Digital health, Health information systems, Personal health information, Privacy, Security",

author = "Pool, {Javad K.} and Saeed Akhlaghpour and Farhad Fatehi and Andrew Burton-Jones",

year = "2019",

language = "English",

editor = "Dongming Xu and James Jiang and Hee-Woong Kim",

booktitle = "Proceedings of the Twenty-Third Pacific Asia Conference on Information Systems (PACIS 2019)",

publisher = "Association for Information Systems",

address = "United States of America",

note = "Pacific Asia Conference on Information Systems 2019, PACIS 2019 ; Conference date: 08-07-2019 Through 12-07-2019",

url = "https://aisel.aisnet.org/pacis2019/",

}

Pool, JK, Akhlaghpour, S, Fatehi, F & Burton-Jones, A 2019, Causes and Impacts of personal health Information (PHI) Breaches: A scoping review and thematic analysis. in D Xu, J Jiang & H-W Kim (eds), Proceedings of the Twenty-Third Pacific Asia Conference on Information Systems (PACIS 2019). Association for Information Systems, Atlanta, GA, Pacific Asia Conference on Information Systems 2019, X'ian, China, 8/07/19.

Causes and Impacts of personal health Information (PHI) Breaches : A scoping review and thematic analysis. / Pool, Javad K.; Akhlaghpour, Saeed; Fatehi, Farhad; Burton-Jones, Andrew .

Proceedings of the Twenty-Third Pacific Asia Conference on Information Systems (PACIS 2019). ed. / Dongming Xu; James Jiang; Hee-Woong Kim. Atlanta, GA : Association for Information Systems, 2019.

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

TY - GEN

T1 - Causes and Impacts of personal health Information (PHI) Breaches

T2 - Pacific Asia Conference on Information Systems 2019

AU - Pool, Javad K.

AU - Akhlaghpour, Saeed

AU - Fatehi, Farhad

AU - Burton-Jones, Andrew

N1 - Conference code: 23rd

PY - 2019

Y1 - 2019

N2 - In light of the recent high-profile data breach incidents, and newly updated mandatory data breach notification laws, considerable global attention is forming around the protection of Personal health information (PHI). PHI breaches, generally described as an impermissible use or disclosure of protected personal health information, are extremely consequential for healthcare organizations and their patients and customers. This paper reports on a scoping review and thematic analysis of the literature studying the causes and impacts of PHI breaches. We started our review by identifying over 900 relevant articles, and through a rigorous process, included 28 articles for a detailed synthesis. Our findings highlight a number of direct and indirect causes of PHI breaches and their behavioral and operational impacts. Based on these findings, gaps in the literature are identified and implications for future research are discussed.

AB - In light of the recent high-profile data breach incidents, and newly updated mandatory data breach notification laws, considerable global attention is forming around the protection of Personal health information (PHI). PHI breaches, generally described as an impermissible use or disclosure of protected personal health information, are extremely consequential for healthcare organizations and their patients and customers. This paper reports on a scoping review and thematic analysis of the literature studying the causes and impacts of PHI breaches. We started our review by identifying over 900 relevant articles, and through a rigorous process, included 28 articles for a detailed synthesis. Our findings highlight a number of direct and indirect causes of PHI breaches and their behavioral and operational impacts. Based on these findings, gaps in the literature are identified and implications for future research are discussed.

KW - Data breach

KW - Digital health

KW - Health information systems

KW - Personal health information

KW - Privacy

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=85089221816&partnerID=8YFLogxK

M3 - Conference Paper

AN - SCOPUS:85089221816

BT - Proceedings of the Twenty-Third Pacific Asia Conference on Information Systems (PACIS 2019)

A2 - Xu, Dongming

A2 - Jiang, James

A2 - Kim, Hee-Woong

PB - Association for Information Systems

CY - Atlanta, GA

Y2 - 8 July 2019 through 12 July 2019

ER -