Breaches of Unsecured Protected Health Information
Jack
2023-03-01
Introduction
The US Department of Health and Human Services (HHS) in the Office for Civil Rights (OCR) is responsible for collecting and reporting disclousures of protected health information (PHI) as mandated by law. Part of the law requires that the OCR report cases where covered entities (CE—organizations responsible for protecting health information) have a breach that affects more than 500 individuals. The data reported for each case of a breach includes:
• Name of the covered entity (Organization responsible for the PHI) • State (US State where the breach was reported) • Covered Entity Type (Type of organization responsible for the PHI) • Individuals Affected (Number of records affected by the breach) • Breach submission date (Date the breach was reported by the CE) • Type of breach (how unauthorized access to the PHI was obtained) • Location of breached information (Where was the PHI when unauthorized access was obtained) • Business associate present (Was a business associate such as a consultant or contractor involved in the breach) • Web description (A optional statement explaining what happened and the resolution)
breach <- breach %>%
mutate(`Breach Submission Date` = as.Date(`Breach Submission Date`, format="%m/%d/%Y")) %>%
mutate(month = month(`Breach Submission Date`),
day = day(`Breach Submission Date`),
year = year(`Breach Submission Date`))Summary of Statistics
Data Visualizations
Visualization #1
This visualization is a bar graph that is grouped by year, with the y
axis being the number of breaches in each year.
From this it can be seen that years 2009 and 2018 had the lowest amount
of breaches. While, years 2014 and 2016 had the most. Most years had 200
or more breaches.
```