A systematic analysis of failures in protecting personal health data: A scoping review

Personal health data breaches pose significant challenges to healthcare providers and clients. This study systematically analyzes 5470 records and reviews 120 articles on this theoretically and practically important topic. It summarizes the existing literature and develops an integrative model with eleven propositions explaining the multifaceted nature of health data breaches, their facilitators, and their impacts. We report on the gaps in the current literature and discuss six promising avenues of future research, including specific suggestions for multilevel analysis, use of novel methods, contributions to information systems theory, stakeholder analysis, underexplored themes, and boundary-breaching opportunities. Beyond these findings, our study offers implications for key stakeholders in healthcare settings. This study equips practitioners and researchers with a valuable model for evidence-based data breach risk management and offers guidance for future investigations, enhancing our collective understanding of personal health data breaches within healthcare.