Hospitals that merge are particularly vulnerable to data breaches in the period during and right after the acquisitions, according to research at the University of Texas at Dallas.
During the year before and year after a deal is closed, merging hospitals have a 6 percent chance of experiencing a data breach, compared to 3 percent for the same hospitals at any time, doctoral student Nan Clement found in a peer-reviewed paper presented at the 22nd Workshop on the Economics of Information Security in July. She analyzed hospital merger records and HHS data breach reports between 2010 and 2022.
"The time leading up to and following the merger deal-signing is indeed a riskier period," Ms. Clement said in an Aug. 2 news release. "Mergers are a time that we should focus on and work toward security solutions."
Possible reasons include the blending of EHR and IT systems that may be incompatible and the increased media attention on the hospitals that grabs hackers' attention, she said.