TY - GEN
T1 - Trends in US Healthcare Data Breaches
AU - Xu, Li
N1 - Publisher Copyright:
© 2025 IEEE.
PY - 2025
Y1 - 2025
N2 - Healthcare data breaches remain the most costly among industries, threatening patient privacy, organizational integrity, and public trust. This study analyzed healthcare data breaches reported to the United States (US) Department of Health and Human Services (HHS) Office for Civil Rights (OCR) between 2019 and 2024 to uncover trends, geographic distributions, breach types and locations, and response strategies. Findings indicate an increasing frequency and severity of breaches, with large-scale incidents disproportionately affecting vast populations. Geographic and temporal patterns reveal that populous and affluent states - such as California, Texas, and New York - consistently face higher risks, while other regions experience intermittent surges. The study also highlights a shift in cybercriminal tactics, with network servers and electronic records emerging as primary targets, signaling broader technological trends and a decline in physical breaches. Despite advances in artificial intelligence and machine learning for cybersecurity, human error remains a critical vulnerability. These findings underscore the need for integrated solutions combining regulatory enforcement, technological innovation, and humancentered strategies. This study provides actionable insights to mitigate financial and reputation damages, fostering improved cybersecurity resilience in the healthcare sector.
AB - Healthcare data breaches remain the most costly among industries, threatening patient privacy, organizational integrity, and public trust. This study analyzed healthcare data breaches reported to the United States (US) Department of Health and Human Services (HHS) Office for Civil Rights (OCR) between 2019 and 2024 to uncover trends, geographic distributions, breach types and locations, and response strategies. Findings indicate an increasing frequency and severity of breaches, with large-scale incidents disproportionately affecting vast populations. Geographic and temporal patterns reveal that populous and affluent states - such as California, Texas, and New York - consistently face higher risks, while other regions experience intermittent surges. The study also highlights a shift in cybercriminal tactics, with network servers and electronic records emerging as primary targets, signaling broader technological trends and a decline in physical breaches. Despite advances in artificial intelligence and machine learning for cybersecurity, human error remains a critical vulnerability. These findings underscore the need for integrated solutions combining regulatory enforcement, technological innovation, and humancentered strategies. This study provides actionable insights to mitigate financial and reputation damages, fostering improved cybersecurity resilience in the healthcare sector.
KW - cybersecurity
KW - data analytics
KW - Health and Human Services (HHS)
KW - Healthcare data breaches
KW - human factors
UR - https://www.scopus.com/pages/publications/105016170111
UR - https://www.scopus.com/pages/publications/105016170111#tab=citedBy
U2 - 10.1109/ICAD65464.2025.11114030
DO - 10.1109/ICAD65464.2025.11114030
M3 - Conference contribution
AN - SCOPUS:105016170111
T3 - 2025 IEEE Conference on AI and Data Analytics, ICAD 2025
BT - 2025 IEEE Conference on AI and Data Analytics, ICAD 2025
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2025 IEEE International Conference on AI and Data Analytics, ICAD 2025
Y2 - 24 June 2025
ER -