The healthcare sector is pivotal, offering life-saving services and enhancing well-being and community life quality, especially with the transition from paper-based to digital electronic health records (EHR). While improving efficiency and patient safety, this digital shift has also made healthcare a prime target for cybercriminals. The sector's sensitive data, including personal identification information, treatment records, and SSNs, are valuable for illegal financial gains. The resultant data breaches, increased by interconnected systems, cyber threats, and insider vulnerabilities, present ongoing and complex challenges. In this dissertation, we tackle a multi-faceted examination of these challenges. We conducted a detailed analysis of healthcare data breaches using the VERIS (Vocabulary for Event Recording and Incident Sharing) dataset. We delve into the trends of these breaches, investigate the attack vectors, and identify patterns to inform effective mitigation strategies. We conducted a spatiotemporal analysis of the VERIS and the Office of Civil Rights (OCR) datasets. We explored the geographical and temporal distribution of breaches and focused on the types of targeted assets to decipher the attackers' motives. Additionally, we conducted a detailed analysis of hospitals' online presence, focusing on their security and performance features. By comparing government, non-profit, and private hospitals in the U.S., we examined their security practices, content, and domain attributes to highlight the differences and similarities in the digital profiles of these hospital types. Furthermore, we expand our scope to include a comparative sector-based study investigating data breaches across various critical sectors. This broader view provides a contextual understanding of the healthcare sector's unique vulnerabilities compared to other sectors. Overall, this dissertation contributes fundamental insights into healthcare data breaches and hospitals' digital presence and underscores the urgent need for enhanced understanding and implementation of robust security measures in this vitally important sector, striving for a balance between technological advancement and data security.
Identifer | oai:union.ndltd.org:ucf.edu/oai:stars.library.ucf.edu:etd2023-1149 |
Date | 01 January 2024 |
Creators | Al Kinoon, Mohammed |
Publisher | STARS |
Source Sets | University of Central Florida |
Language | English |
Detected Language | English |
Type | text |
Format | application/pdf |
Source | Graduate Thesis and Dissertation 2023-2024 |
Rights | In copyright |
Page generated in 0.0029 seconds