How Healthcare Data Breaches and Meaningful Use of Electronic Health Records Influence Each Other

Project: Research

View graph of relations


Information security has long been a concern in the healthcare sector, but it has become a growing public interest as healthcare providers increasingly move sensitive healthcare information into electronic healthcare records (EHRs). While the move towards EHRs is believed to produce many benefits for healthcare providers as well as patients, EHRs-supported processes have made healthcare providers progressively more vulnerable to security attacks and breaches. Within this environment, healthcare providers must adopt EHRs as well as protects patient information.Federal regulations like the Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH), as well as individual state regulations, have required healthcare providers to follow various notification guidelines to disclose breaches. Further, the government has required healthcare providers to qualify as a meaningful user of EHRs. Thus healthcare providers must move beyond purchasing and even implementing EHRs. The Centers for Medicare & Medicaid Services (CMS) outlined the criteria for meaningful use of EHRs. To qualify for federal EHR incentives, healthcare providers must attest to the specific “meaningful use” criteria. The criteria are grouped into stages, with stage 1 (2011 meaningful use criteria) being the first hurdle required for funding. Coupled with large financial incentives, meaningful use attestation requires a measure for protecting EHRs and a security risk management process. Securing electronic health information is one of the meaningful use core objectives.Therefore, this project attempts to identify the relationships among the adoption of EHRs, meaningful use attestation, and healthcare data breaches. We develop an econometric model of meaningful use attestation as a function of the adoption of EHRs and healthcare data breaches, and also develop a model of healthcare security as a function of meaningful use attestation and adoption of EHRs. We further investigate whether EHRs adoption can improve meaningful use attestation and the interaction with breaches on meaningful use attestation. This project can provide a deeper understanding of effective security programs and the effect of meaningful use on healthcare security.


Project number9042136
Grant typeGRF
Effective start/end date1/01/1516/08/17

    Research areas

  • Healthcare Security,Meaningful Use,Electronic Healthcare Records,Data breach,