Impacts of Hospital Data Breach on Healthcare Quality

Objective: To examine the effects of data breach incidents on healthcare quality and to explore potential mechanisms.

Data source: Hospital-level data breach reports from the U.S. Department of Health and Human Services and patient-level hospitalization records from Florida State Inpatient Database during 2013-2017.

Study design: We employ a propensity score matching difference-in-difference model to estimate changes in a patient's emergency department (ED) door-to-hospital admission hours, days to undergo principal procedure after admission, length of stay days, and in-hospital mortality rates following data breaches. We compare the health information technology (HIT) functionalities of breached and non-breached hospitals during both pre and post periods.

Data collection/extraction methods: Our primary analysis covers 1,295,537 records of inpatients admitted through the EDs of 12 hospitals.

Principal findings: Data breaches are associated with long-term improvements in healthcare quality, particularly in the timeliness of patient care and acute myocardial infarction (AMI) mortality. Over time, patients experience a reduction of 0.56 h in ED door-to-hospital admission time (95% confidence interval [CI]: -1.04 to -0.06 h) and a decrease of 0.18 days in time to undergo the principal procedure after hospital admission (95% CI: -0.23 to -0.13 days). Additionally, AMI patients experience a one percentage point reduction in in-hospital mortality (95% CI: -2 to -0.06 percentage points), while mortality rates for other patient groups remain unchanged. Hospitals affected by data breaches show long-term advancements in their HIT functionalities.

Conclusions: Hospital data breach incidents are associated with improved healthcare quality. This improvement may be attributed to hospitals' enhanced functionality of HIT.