Date of Award


Document Type


Degree Name

Master of Science in Information Systems and Technology


Information and Decision Sciences

First Reader/Committee Chair

Butler, William


It is evident that the healthcare sector continues to experience data breaches. This culminating experience project focuses on the need to maintain patient data privacy, minimize financial risks, and address public health concerns. The study examined data collected from U.S. Department of Health and Human Services from 2018 to 2023 to answer the following research questions: Q1. How many individuals are affected due to data breaches in healthcare & which States had the most affected individuals? Q2. What are the most common causes of healthcare data breaches & what measures can be taken to prevent this? and Q4. What are the healthcare data breach predictions for 2023 & what suggestions could be given to minimize them? The findings are Q1. Within the last five years, several individuals have been affected by healthcare data breaches per year. The States where individuals are affected highest are California, Florida, Minnesota, and North Carolina; Q2. The most common type of breaches are hacking/IT incidents. The compromised device/ location that affected the most individuals was the network server; Q4. The prediction for 2023 is that although breaches did decrease in 2022, they will continue to rise again in 2023. The conclusion for each question is Q1. The year 2019 had the highest peak, this is the year Covid-19 occurred, Landi (2020) also discussed that in 2019 phishing attacks plagued healthcare. Proper training for staff in identifying phishing attacks could help combat and reduce the number of individuals affected each year. Q2. Home networks are not always secure. Work-from-home devices need extra precautions, such as an IT team employing automatic updates overnight, or creating a virtual environment to access confidential information and work within the virtual environment. And Q4. Cybercriminals will continue to evolve their methods and breach industries. Having a healthcare business association (advisors, experienced and supportive references) present can reduce the number of individuals being affected. Further research would be to include data breaches affecting less than 500 individuals. More research would also be recommended to find methods of detecting and blocking data breaches faster.