Skip to main content
SpringerLink
Log in
Book cover

International Conference on Human-Computer Interaction

HCII 2019: HCI International 2019 - Posters pp 219–224Cite as

A Framework for Enhancing Health Information Data Security: Application of the Consolidated Framework for Implementation Research to Breach Analysis

  • Conference paper
  • First Online:

  • 1699 Accesses

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1032))

Abstract

Health information security breaches continue to be a pervasive problem in a variety of health care environments. Security breaches compromise the integrity of sensitive health information and serve as a barrier to health care provider, stakeholder, and patient trust in the full integration of transformative health informatics tools (e.g. shareable electronic health records) into the US health care system. While the logistics of security breaches are technological in nature, security breach awareness and prevention require exploring the complex web of the health care environment and understanding how the environment itself paves a path for potential security problems. In an effort to better understand the nature of data security breaches in health care environments, the authors propose an innovative application of the Consolidated Framework for Implementation Research (CFIR) to security breach analysis. The authors build on their previous research on electronic health records engagement, breach analysis, and audit procedures in various health care settings. For the purpose of demonstration, the current paper analyzes the most relevant breach occurrences based on volume of patient records from the Health and Human Services (HHS.GOV) breach dataset. Breach types were mapped to relevant CFIR constructs. The authors present the results of the CFIR mapping and discuss the potential uses of the CFIR constructs to support health information security practitioners in their efforts to improve the health data security environment.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Liu, V., Musen, M.A., Chou, T.: Data breaches of protected health information in the United States. JAMA 313(14), 1471–1473 (2015)

    Article  Google Scholar 

  2. Wikina, S. B.: What caused the breach? An examination of use of information technology and health data breaches. Perspect. Health Inform. Manag. 11(Fall) (2014)

    Google Scholar 

  3. Agaku, I.T., Adisa, A.O., Ayo-Yusuf, O.A., Connolly, G.N.: Concern about security and privacy, and perceived control over collection and use of health information are related to withholding of health information from healthcare providers. J. Am. Med. Inform. Assoc. 21(2), 374–378 (2013)

    Article  Google Scholar 

  4. Consolidated framework for implementation research guide. http://www.cfir.org. Accessed 3 Mar 2019

  5. Damschroder, L.J., Aron, D.C., Keith, R.E., Kirsh, S.R., Alexander, J.A., Lowery, J.C.: Fostering implementation of health services research findings into practice: a consolidated framework for advancing implementation science. Implement. Sci. 4(1), 50 (2009)

    Article  Google Scholar 

  6. Acharya, S., Werts, N.: Toward the design of an engagement tool for effective electronic health record adoption. Perspect. Health Inform. Manag. 16(Winter), 1g (2019)

    Google Scholar 

  7. HITECH Enforcement Act. https://www.hhs.gov/hipaa/for-professionals/special-topics/hitech-act-enforcement-interim-final-rule/index.html. Accessed 3 Mar 2019

  8. HITRUST CSF. https://hitrustalliance.net/hitrust-csf/. Accessed 3 Mar 2019

  9. NIST. https://csrc.nist.gov/projects/risk-management/risk-management-framework-(RMF)Overview. Accessed 3 Mar 2019

  10. Nieles, M., Dempsey, K., Pillitteri, V.: An Introduction to Information Security (No. NIST Special Publication (SP) 800-12 Rev. 1 (Draft), National Institute of Standards and Technology (2017)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Health Sciences, Towson University, Baltimore, MD, USA

    Niya Werts

  2. Department of Computer and Information Sciences, Towson University, Baltimore, MD, USA

    Subrata Acharya

Authors
  1. Niya Werts
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Subrata Acharya
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Niya Werts .

Editor information

Editors and Affiliations

  1. University of Crete and Foundation for Research and Technology – Hellas (FORTH), Heraklion, Crete, Greece

    Constantine Stephanidis

Appendix 1

Appendix 1

Best Practice Life cycle for Security and Privacy Aware IT Operation.

figure a

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Werts, N., Acharya, S. (2019). A Framework for Enhancing Health Information Data Security: Application of the Consolidated Framework for Implementation Research to Breach Analysis. In: Stephanidis, C. (eds) HCI International 2019 - Posters. HCII 2019. Communications in Computer and Information Science, vol 1032. Springer, Cham. https://doi.org/10.1007/978-3-030-23522-2_28

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-23522-2_28

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-23521-5

  • Online ISBN: 978-3-030-23522-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation