Human Error and Privacy Breaches in Healthcare Organizations: Causes and Management Strategies

We apply Reason’s GEMS typology to study privacy breach incidents in healthcare organizations. An interpretive analysis of transcripts of interviews with privacy officers of healthcare organizations in the U.S. Midwest helps discern the underlying causes of human error and develop a framework for error management. The study finds that organizational factors causing human error constitute a greater impediment to HIPAA Privacy Rule compliance than do human factors.

[1]  Vimla L. Patel,et al.  Toward An Action Based Taxonomy of Human Errors in Medicine , 2019, Proceedings of the Twenty-Fourth Annual Conference of the Cognitive Science Society.

[2]  Lara Khansa,et al.  How significant is human error as a cause of privacy breaches? An empirical study and a framework for error management , 2009, Computers & security.

[3]  P. Carayon,et al.  Human errors and violations in computer and information security: the viewpoint of network administrators and security specialists. , 2007, Applied ergonomics.

[4]  R. Cronje Gladwell M. Blink: the power of thinking without thinking. Boston: Little, Brown, 2005. , 2005 .

[5]  Eta S. Berner,et al.  Viewpoint Paper: Informatics Challenges for the Impending Patient Information Explosion , 2005, J. Am. Medical Informatics Assoc..

[6]  Huseyin Cavusoglu,et al.  The Effect of Internet Security Breach Announcements on Market Value: Capital Market Reactions for Breached Firms and Internet Security Developers , 2004, Int. J. Electron. Commer..

[7]  P. Fayers Item Response Theory for Psychologists , 2004, Quality of Life Research.

[8]  Gregory N. Stock,et al.  Critical Success Factors for Controlling and Managing Hospital Errors , 2004 .

[9]  Jan Welker,et al.  Not yet compliant with HIPAA privacy rules? , 2003, Nursing economic$.

[10]  David W. Bates,et al.  Cognition and measurement in patient safety research , 2003, J. Biomed. Informatics.

[11]  P. Maurette,et al.  [To err is human: building a safer health system]. , 2002, Annales francaises d'anesthesie et de reanimation.

[12]  Alastair Baker,et al.  Crossing the Quality Chasm: A New Health System for the 21st Century , 2001, BMJ : British Medical Journal.

[13]  L. Kohn,et al.  To Err Is Human : Building a Safer Health System , 2007 .

[14]  C. Vincent,et al.  Framework for analysing risk and safety in clinical medicine. , 1998, BMJ.

[15]  T. Ganiats Human Error in Medicine , 1995 .

[16]  Charles Vincent,et al.  Accident investigation: discovering why things go wrong , 1995 .

[17]  John W. Senders,et al.  Human Error: Cause, Prediction, and Reduction , 1991 .

[18]  Jens Rasmussen,et al.  Skills, rules, and knowledge; signals, signs, and symbols, and other distinctions in human performance models , 1983, IEEE Transactions on Systems, Man, and Cybernetics.

[19]  D. Andrich A rating formulation for ordered response categories , 1978 .

[20]  J. Shaoul Human Error , 1973, Nature.