The Rise of Hacking in AIoT-EHR Systems: A Trend Analysis of U.S. Healthcare Data Breaches

Electronic Health Record (EHR) data breaches create severe concerns for patients' privacy, safety, and risk of loss for healthcare entities responsible for managing patient health records. EHR systems collect a vast amount of user-sensitive data, requiring integration, implementation, and application of essential security principles, controls, and strategies to safeguard against persistent adversary attacks. This research is an exploratory study into current Artificial Intelligence of Things integrated EHR cybersecurity attacks using United States Health Insurance Portability and Accountability Act (HIPAA) privacy and security breach reported data. A descriptive and trend analysis is conducted to describe, demonstrate, summarize data points, and predict direction based on current and historical data by covered entity, type of breaches, and point of breaches (examine, attack methods, patterns, and location of breach information). ARIMA model is used to provide a detailed analysis of the data demonstrating breaches caused by hacking and IT incidents show a significant trend (coefficient 0.84, p-value < 2.2e-16 ***). The finding shows individual records in breach incidents on all categories of covered entities are skewed toward zero, demonstrating that healthcare providers are at the top in the number of breaches consistently during the analyzed period, and the trend is increasing with a number of breach incidents attributed to “Hacking/IT” has been increasing consistently throughout 2010 to 2022. The analysis validated that Artificial Intelligence of Things integrated EHR implementation lacks sufficient security controls to guarantee patient privacy, safety, and hospital operation continuity during a cyberattack.