Unraveling the Impact of Data Breaches: Evidence From the US Healthcare Sector
量化了数据泄露对美国医院运营绩效的影响,发现被泄露医院入院人数减少2.1%、市场份额下降0.28%,并识别了网络隶属关系、治理结构、云服务等调节因素,为医院管理者和政策制定者制定缓解策略提供参考。
As data breaches become an increasingly common risk, they are now a matter of “when” rather than “if.” While there has been active research on breaches, much of the work has focused on the antecedents and prevention of breaches, leaving the quantitative ramifications and variations in breach impact relatively unexplored. To address this gap, our study quantifies the impact of breaches on operational performance and identifies how operational, technological, and market factors moderate the impact. Using a quasi-experimental design with a difference-in-differences technique and propensity score matching, we analyzed a matched sample of 1,766 US hospitals, consisting of 883 breached hospitals and their non-breached peers from 2010 to 2017. We find that breached hospitals experience a 2.1% reduction in hospital admissions and a 0.28% decrease in market share. Moreover, network affiliation, decentralized governance, and cloud-based information technology services negatively moderate breach impacts, while IT security systems for detection, identity governance, and recovery provide mitigating effects. Additionally, we find that breaches in one hospital spillover to affect non-breached hospitals in the same local market. Our findings contribute to the operations management and security literature and provide managerial insights for enhancing breach resilience. Understanding these moderating factors can help hospital managers and policymakers formulate tailored mitigation strategies.