• Corpus ID: 16891282

The Market Effect of Healthcare Security: Do Patients Care about Data Breaches?

  title={The Market Effect of Healthcare Security: Do Patients Care about Data Breaches?},
  author={Juhee Kwon and M. Eric Johnson},
  booktitle={Workshop on the Economics of Information Security},
Data breach notification required by federal and state regulators has reduced information asymmetry on the effectiveness of information security programs. While pervasive media coverage of data breaches likely tarnishes an organization’s reputation, there is little empirical evidence that shows how consumers react to such organizational failures. Focusing on the healthcare sector as one of the most information-intensive service industries, this paper investigates consumer reaction to data… 

Figures and Tables from this paper

Do Hospital Data Breaches Reduce Patient Care Quality

Hospital data breaches significantly increased the 30-day mortality rate for AMI, and breached hospitals should carefully focus investments in security procedures, processes, and health information technology that jointly lead to better data security and improved patient outcomes.

Trust Me, I’m a Doctor: Examining Changes in How Privacy Concerns Affect Patient Withholding Behavior

These findings suggest that consumers’ beliefs about EHR privacy and security, the relationship between technology use and quality, and intentions to share information with their health care provider have not changed and are counter to the ongoing discussions about the implications of security failures in other domains.

Optimizing Cybersecurity Program-Evidence from Data Breaches in Healthcare

This paper aims to present a list of critical controls that can be used by CISO or security managers to channel the security investments to receive the most risk reduction from each dollar spent on controls.

Protecting Patient Data-The Economic Perspective of Healthcare Security

Market-driven investments must be supplemented with regulator intervention across all types of healthcare organizations, but such regulatory intervention should focus on reinforcing the economic impact of information security rather than simply trying to force specific behavior.

Breaching Together: A Data Science Approach on Firms’ Correlated Risk in Information Security

In preliminary investigations, it is found that dyadic relationships between public firms based on their business descriptions and security risk factors from their 10-K filings is significantly correlated with the dyads based on information security breaches for these public firms.

EMR Access and Confidentiality Based on Patient and Hospital Staff Perspectives

A discrepancy between the expectation of patients and what was actually practiced in the understanding and definition of EMR amongst patients and hospital staff was indicated and security of information can be attained with better modelling protocols, end-user training and refresher courses done on a regular basis.

How Data Breaches Affect Consumer Credit

More Than a Suspect: An Investigation into the Connection Between Data Breaches, Identity Theft, and Data Breach Notification Laws

This article investigates the relationship between data breaches and identity theft, including the impact of Data Breach Notification Laws (DBNL) on these incidents (using empirical data and Bayesian modeling), and shows that the correlation is driven by the size of a state.

Estimating the size of the iceberg from its tip : An investigation into unreported data breach notifications

A decade has passed since the enactment of data breach notification laws (DBNLs) in numerous U.S. states and it is clear that they have offered more visibility into the state of data Breach events in the United States.

The stock market impact of information security investments: The case of security standards

It is found that the award of a Cyber Essentials (Plus) certificate is systematically associated with significant and positive market reactions, and the international sample reveals that becoming ISO/IEC 27001-compliant elicits significant negative abnormal stock returns.



The Effect of Internet Security Breach Announcements on Market Value: Capital Market Reactions for Breached Firms and Internet Security Developers

The results show that announcing an Internet security breach is negatively associated with the market value of the announcing firm, and the cost of poor security is very high for investors.

Adoption of Electronic Health Records in the Presence of Privacy Concerns: The Elaboration Likelihood Model and Individual Persuasion

It is found that an individual's CFIP interacts with argument framing and issue involvement to affect attitudes toward the use of EHRs, and results suggest that attitude toward EHR use and CFIP directly influence opt-in behavioral intentions.

The Economic Cost of Publicly Announced Information Security Breaches: Empirical Evidence from the Stock Market

Stock market participants appear to discriminate across types of breaches when assessing their economic impact on affected firms, consistent with the argument that the economic consequences of information security breaches vary according to the nature of the underlying assets affected by the breach.

Market Reactions to Information Security Breach Announcements: An Empirical Analysis

The study found that a negative bias followed the events of September 11, 2001 and found that there was a difference in investor reactions to events during the dot-com era, when firms earned higher negative abnormal returns, and after the dot.com era.

The Association Between the Disclosure and the Realization of Information Security Risk Factors

This paper builds a decision tree model, which classifies the occurrence of future security breaches based on the textual contents of the disclosed security risk factors, and investigates how the market interprets the nature of information securityrisk factors in annual reports.

Can electronic medical record systems transform health care? Potential health benefits, savings, and costs.

It is concluded that effective EMR implementation and networking could eventually save more than $81 billion annually--by improving health care efficiency and safety--and that HIT-enabled prevention and management of chronic disease could eventually double those savings while increasing health and other social benefits.

Quality Management and Job Quality: How the ISO 9001 Standard for Quality Management Systems Affects Employees and Employers

A matched sample of nearly 1,000 companies in California found that among surviving employers, ISO adopters realized higher rates of growth of sales, employment, payroll, and average annual earnings, and injury rates declined slightly at ISO 9001 adopters, although total injury costs did not.

Does Matching Overcome Lalonde's Critique of Nonexperimental Estimators?

It is found that estimates of the impact of NSW based on propensity score matching are highly sensitive to both the set of variables included in the scores and the particular analysis sample used in the estimation.

The Effect of Customers' Social Media Participation on Customer Visit Frequency and Profitability: An Empirical Investigation

The results suggest that customer participation in a firm’s social media efforts leads to an increase in the frequency of customer visits, and the need for managers to integrate knowledge from customers’ transactional relationship with their social media participation to better serve customers and create sustainable business value.

Matching As An Econometric Evaluation Estimator: Evidence from Evaluating a Job Training Programme

This paper considers whether it is possible to devise a nonexperimental procedure for evaluating a prototypical job training programme. Using rich nonexperimental data, we examine the performance of