Causes and Impacts of Personal Health Information (PHI) Breaches: A Scoping Review and Thematic Analysis
Twenty-Third Pacific Asia Conference on Information Systems, China July 2019
15 Pages Posted: 21 May 2020 Last revised: 27 May 2020
Date Written: 2019
In light of the recent high-profile data breach incidents, and newly updated mandatory data breach notification laws, considerable global attention is forming around the protection of Personal health information (PHI). PHI breaches, generally described as an impermissible use or disclosure of protected personal health information, are extremely consequential for healthcare organizations and their patients and customers. This paper reports on a scoping review and thematic analysis of the literature studying the causes and impacts of PHI breaches. We started our review by identifying over 900 relevant articles, and through a rigorous process, included 28 articles for a detailed synthesis. Our findings highlight a number of direct and indirect causes of PHI breaches and their behavioral and operational impacts. Based on these findings, gaps in the literature are identified and implications for future research are discussed.
Keywords: Privacy, Security, Personal Health Information, Data Breach, Health Information Systems, Digital Health
Suggested Citation: Suggested Citation